Week 48 – 2016

Big week for tool releases and malware analysis this week! SOFTWARE UPDATES Didier Stevens updated two of his scripts. Xor-kpa was updated to version 0.0.4, adding “the option -x to encode/decode, and also prints the hexadecimal value of the found keys”. Update: xor-kpa.py Version 0.0.4 PDF-Parser was updated to version 0.6.6 to fix a bug. […]

Week 47 – 2016

SOFTWARE UPDATES ExifTool was updated to version 10.36 (production release) adding support for new tags, and fixing some bugs. Nov. 24, 2016 – Version 10.36 (production release) Didier Stevens updated his base64dump Python script to version 0.0.5 to support additional encodings (hexadecimal (hex), \u unicode (bu) and %u unicode (pu)) Update: base64dump.py Version 0.0.5 A […]

Week 46 – 2016

SOFTWARE UPDATES Magnet Forensics updated Axiom to version 1.0.7. The update adds support for the Pebble Watch app (iOS/Android), extracting artefacts from RAR containers, improved localization and language support as well as various other artefacts. Magnet AXIOM Now Supports Pebble Watch, LINE for Android, Artifacts from RAR Containers, and More Magnet also updated Internet Evidence […]

Week 45 – 2016

SOFTWARE UPDATES ExifTool was updated to 10.33 (developmental release), adding support for new tags and minor bug fixes. ExifTool 10.33 Paul Sanderson released version 3.1.7b of Forensic Browser for SQLite to fix a couple of bugs. 3.1.7b Mark Woan updated lookuper to version 0.0.7 with support for https://haveibeenpwned.com/ data. Check Out Woanware’s Tweet AccessData updated […]

Week 44 – 2016

SOFTWARE UPDATES Philippe Lagadec has updated oletools to version 0.50 including updates to olevba, mraptor, mraptor_milter, rtfobj and setup, as well as Python 3 support. OLETools Readme GetData’s Forensic Explorer was updated to version v3.9.4.5950 with some minor bug fixes, and minor GUI and translation improvements. Download Forensic Explorer FireEye’s FLOSS has been updated to […]

Week 43 – 2016

SOFTWARE UPDATES Didier Stevens updated his virustotal-search Python script to version 0.1.4, now accepting input from standard input. Update: virustotal-search.py Version 0.1.4 Cellebrite updated UFED Physical analyser to version 5.3.6, adding support for iOS 10.1 backups, as well as various bug fixes. UFED PHYSICAL ANALYZER 5.3.6 HAS BEEN RELEASED Autopsy was updated to version 4.2.0 […]

Week 42 – 2016

Publishing slightly earlier this week due to university commitments, anything else published today will get rolled into next week’s post. SOFTWARE UPDATES Didier Stevens updated oledump.py to version 0.0.25, adding “a couple of new options (--decoderdir and --plugindir) and a bugfix”. Update: oledump.py Version 0.0.25 Didier also updated his cut-bytes.py Python script to version 0.0.4, […]

Week 41 – 2016

SOFTWARE UPDATES Comae Technologies have released an update to their memory toolkit product (dumpit), currently at version 3.0.109.20161007. This update includes bug fixes and feature improvements including the “auto-generation of a .json file in the same folder of the memory snapshot”. Magnet Forensics have updated Axiom to version 1.0.6. The update adds support for recovering […]

Week 40 – 2016

SOFTWARE UPDATES ExifTool was updated to version 10.29 (development release), adding new tags and updates to various options. ExifTool 10.29 DME Forensics released an update to DVR Examiner (version 1.26.0), adding “additional filesystems, as well as a few small improvements and bug fixes.” DVR Examiner 1.26.0 Elcomsoft updated their Cloud Explorer product to version 1.20.14403. Oleg […]

Week 39 – 2016

I would like to mention that my site is not a replacement for reading the actual material. I just write a brief summary of the article (or just mention it) and use the site search when I need to jog my memory. Anyone that would like me to stop covering their blog, or would like to […]