Cyberspace of Shujun LI

Shortcuts

Introduction

This web page is a collection of resources for digital and multimedia forensics research. It covers not only research-oriented resources, but also those focusing on standards, best practices of law enforcement agencies and forensic professionals, legislation, accreditation, education and relevant media coverage.

General Resources

Web Sites

Digital Forensic Database @ Dartmouth College Forensics Wiki Forensics Focus Computer Forensics, Cybercrime and Steganography Resources @ forensix.org Computer Forensics World Forensic 4cast ForensicScience.org Computer Forensics, Cybercrime and Steganography Resources Brian Carrier's Digital Investigation / Forensics and Evidence Research Kulesh Shanmugasundaram's Forensics Links Dave Dittrich's Forensics Links GCK's Cybercrime and Cyberforensics-related URLs Cybercrimelaw.net ComputerForensicsCompanies.com Crime Scene Investigator Network CyberLawTimes.com Get Safe Online Crimestoppers (The Game of Fraud) Surrey Police Online Services Witness Confident stopcyberbullying.org (International Stop Cyberbullying Youth Summit) CIFAS - The UK's fraud prevention service (National Fraud Database, Internal Fraud Database) FraudAvengers™ National Trading Standards eCrime Team (NTSeCT) Consumer Fraud Forum emotion icon Forensic Multimedia Analysis Blog Windows Incident Response Blog The Digital Standard An Eye on Forensics A Fistful of Dongles The Apple Examiner Michael Spreitzenbarth's (mobile) forensic blog Muhammad Nuh Al-Azhar's Forensic Cop antiforensics.net Anti-Forensics.com emotion icon Centre for Cyber Victim Counselling (CCVC)

Books and Reports

Laws

US: Federal Evidence Review (Federal Rules of Evidence; Key Evidence Cases)

Forensics Tools, Exchange Formats and Datasets

General: Computer Forensics Tool Testing (CFTT) (Mobile Devices) National Software Reference Library (NSRL) National Repository for Digital Forensic Intelligence (NRDFI)
Data: Computer Forensic Reference Data Sets (CFReDS) Digital Forensics Tool Testing Images DigitalCorpora.org The disktype File System Sampler Cyber-investigation Analysis Standard Expression (CASE) EDRM (Electronic Discovery Reference Model) Enron PST Data Set (EDRM Enron Email Data Set v2) emotion icon SEARCH: The Online Resource for Justice and Public Safety Decision Makers emotion icon Dresden Image Database (for source device identification) Columbia Uncompressed Image Splicing Detection Evaluation Dataset Columbia Image Splicing Detection Evaluation Dataset CASIA Tampered Image Detection Evaluation Database Image Manipulation Dataset @ University of Erlangen-Nuremberg DBForgery 1.0 @ IPLab, University of Catania, Italy Dataset of "Image Tamper Detection Based on Demosaicing Artifacts" @ Polytechnic Institute of NYU Dataset of "Digital Single Lens Reflex Camera Identification From Traces of Sensor Dust" @ Polytechnic Institute of NYU MICC Copy-Move Datasets (MICC-F2000, MICC-F600, MICC-F220, MICC-F8multi) BOSSBase

Commercial Software

Guidance Software (part of OpenText): EnCase® Forensic (EnCase Forensic Academic Program) EnCase® Portable
Computer Forensics: AccessData Forensic Toolkit® (FTK®) X-Ways Forensics X-Ways Investigator Belkasoft Evidence Center Forensic Explorer Virtual Forensic Computing (VFC) Recover My Files Helix3 Pro Blade™ Passware Kit Forensic emotion icon Microsoft COFEE (Computer Online Forensic Evidence Extractor) Windows Forensic Environment (WinFE/Windows FE)
Multimedia Forensics: WeRecoverData.com - Data Recovery Labs Belkasoft Forgery Detection Plugin Recover My Photos Amped FIVE Amped Authenticate izitru IMIX IMPRESS ZiuZ Forensic Microsoft PhotoDNA Adobe Audition
Anti-Forensics & Privacy Protection: WhiteCanyon Software Webroot® SecureAnywhere™ CyberScrub Windows & Internet Cleaner Pro Steganos Privacy Suite Winclear emotion icon Consumer Warning: Scam Artists Want Your Money

Open-Source Software and Freeware

Forensic Control's list of Free computer forensic tools

Computer Forensics: SANS SIFT Kit/Workstation: Investigative Forensic Toolkit CAINE (Computer Aided INvestigative Environment) Live CD DEFT Linux - Computer Forensics live CD Kali Linux (formerly known as BackTrack) Knoppix STD (Security Tools Distribution) Helix3 SMART Linux PlainSight (R)ecovery (I)s (P)ossible Linux rescue system SNARL J.A.F.A.T. - Archive of Forensics Analysis Tools Live Forensic Toolkit (LFT) @ Masterkey Linux emotion icon ALT Linux Rescue The Sleuth Kit (TSK) Grml Live Linux Matriux Pentoo emotion icon Open Source Digital Forensics AFFLIB (Advanced Forensics Format Library) (aimage – the Advanced Disk Imager, bulk_extractor, tcpflow — A TCP Flow Recorder; fiwalk, dfxml_tool) Foremost (file recovrey tool) Maltego Community Version NFI Defraser Forensic Acquisition Utilities LibForensics Live View FTimes PyFlag (Forensic and Log Analysis GUI) guymager PyDetective theharvester Registry Decoder Windows File Analyzer Forensics Tools @ woanware emotion icon EnCase Forensic Imager Free Oxygen Forensic® Suite (Standard) Belkasoft Acquisition Tool (BelkaImager) Belkasoft RAM Capturer
Memory Forensics: The Volatility Framework: Volatile memory artifact extraction utility framework VOLIX (Volatility Interface & Extensions) volatility-ng volatilitux LiME - Linux Memory Extractor emotion icon Mandiant Redline® Mandiant Memoryze™ Memoryze™ for the Mac
Tools for Accessing Files and System Info: TestDisk Free tools from DiskInternals Research (Linux Reader) Paragon ExtFS for Windows® Ext2Read analyzeMFT (a Python tool to deconstruct the Windows NTFS $MFT file) RegRipper python-registry Windows shellbag forensics PsLoggedOn GrokEVT Rifiuti (A Recycle Bin Forensic Analysis Tool) emotion icon Webscavator (a visualisation suite for the analysis of internet history) Pasco (An Internet Explorer activity forensic analysis tool) Galleta (An Internet Explorer Cookie Forensic Analysis Tool) libmsiecf (Library and tools to access the Microsoft Internet Explorer Cache File files) emotion icon file (Guesses file type based on magic header and footer values) libewf (a library for support of the Expert Witness Compression Format) INDXParse libesedb (Library and tools to access the Extensible Storage Engine Database File) liblnk (Library and tools to access the Windows Shortcut File) eCryptfs Parser emotion icon libnk2 (Library and tooling to support the Microsoft Outlook Nickfile) libpff (library and tools to analyze Microsoft Outlook Personal Folder Files) UnDBX (Tool to extract, recover and undelete e-mail messages from Outlook Express .dbx files) emotion icon Apache Tika (a content analysis toolkit) Apache PDFBox (a Java PDF Library) peepdf (PDF Analysis Tool)
Forensic Hashing Tools: ssdeep md5deep and hashdeep DeepToad (a library and a tool to clusterize similar files using fuzzy hashing) MD5Summer Quick Hash GUI emotion icon pHash: The open source perceptual hash library phasher: A naive perceptual hasher for php
Network Forensics: Spider @ Cornell Wireshark Netcat tcpdump (a powerful command-line packet analyzer) & libpcap (a portable C/C++ library for network traffic capture) NetSleuth NetworkMiner pytbull (a python based flexible IDS/IPS testing framework) WebJob tcpflow ssldump emotion icon Social Snapshots: Digital Forensics for Online Social Networks
Mobile/Small Device Forensics: Santoku Linux NowSecure Forensics Suite (Community Edition) NowSecure App Testing Suite (Community Edition) Burner Phone Forensic Resources viaForensics AFLogical (Open source focrensic application to extract data from Android devices) TULP2G - forensic framework for extracting and decoding data SIMfill TULP2G (a .NET based forensic software framework for extracting and decoding data stored in electronic devices) rapi tools (A collection of tools to do many things to a windows CE device via Activesync/RAPI) emotion icon RFIDIOt (an open source python library for exploring RFID devices)
Anti-Forensics & Privacy Protection: Eraser Darik's Boot And Nuke Evidence Eliminator Eliminator (E3) ParetoLogic Privacy Controls Timestomp Slacker emotion icon Detect and Eliminate Computer Acquired Forensics (DECAF)

Footer


PRchecker.info
Valid XHTML 1.0 Transitional

China

Germany (CET)