forensicsblog.org
Metadata Extraction of GPX Files
http://forensicsblog.org/2013/07/11/metadata-extraction-of-gpx-files
Forensics and Information Security. Metadata Extraction of GPX Files. On July 11, 2013. To briefly supplement my GPS Device Analysis research. The GPX file itself should have interesting metadata qualities that can help you decide its relevance to your case. For example, I was able to pull the following data out of my GPX file using ExifTool. Gpx Metadata Link Href : http://www.garmin.com. Gpx Metadata Link Text : Garmin International. Gpx Metadata Time : 2013:03:03 19:38:00Z.
forksec.wordpress.com
Mandiant APT1 Report & New IOCs | fork()
https://forksec.wordpress.com/2013/02/20/mandiant-apt1-report-new-iocs
Research: GPS Device Analysis. Forensics and Information Security. Mandiant APT1 Report and New IOCs. On February 20, 2013. APT1: Exposing One of China’s Cyber Espionage Units. IOCs w/ hashes as part of Mandiant’s OpenIOC Project. Digital Appendix and Indicators. So be sure to add those IOCs to a Redline collector and get scanning!
forksec.wordpress.com
Updates to GPS Utility (Timestamp Features) | fork()
https://forksec.wordpress.com/2013/08/07/updates-to-gps-utility-timestamp-features
Research: GPS Device Analysis. Forensics and Information Security. Updates to GPS Utility (Timestamp Features). On August 7, 2013. I decided to make some pretty solid changes to TrackerCat since my last post. I wasn’t satisfied with it only converting GPX-to-KML. The new changes include the following: Ability to recursively export all GPXs from a specified path (can be a mounted device image).
forksec.wordpress.com
Android USB Device Support | fork()
https://forksec.wordpress.com/2013/06/23/android-usb-device-support
Research: GPS Device Analysis. Forensics and Information Security. Android USB Device Support. On June 23, 2013. By AH and setting up the SDK on my Ubuntu box, I noticed the udev rules needed an update. Makes sense considering there’s been many new vendors since the book was published. Copy and paste it: 51-android-rules should be placed in /etc/udev/rules.d (chmod 664 or a+r). Official Guide and Vendor IDs: http://developer.android.com/tools/device.html. SUBSYSTEM="USB", SYSFS{idVendor}=...SUBSYSTEM=...
forksec.wordpress.com
Thoughts on viaExtract (Demo) | fork()
https://forksec.wordpress.com/2013/05/19/thoughts-on-viaextract-demo
Research: GPS Device Analysis. Forensics and Information Security. Thoughts on viaExtract (Demo). On May 19, 2013. I recently had the opportunity to try the viaForensics viaExtract VM utility. viaExtract is essentially a framework in which many different advanced analysis features can be utilized (and automated). Based on Ubuntu, the VM utility is easy to set up and even easier to operate. Browser History including Searches and Bookmarks. An in-depth call log. In-depth contact information acquisition.
forensicsblog.org
Sample Code - Dictionary Zip Password Tool - fork()
http://forensicsblog.org/2013/11/04/zipdict
Forensics and Information Security. Sample Code – Dictionary Zip Password Tool. On November 4, 2013. I decided to try making a basic dictionary zip password recovery tool for fun. Some of the other free open source tools out there are great but this tool is fully functional if not ideal. I’m primarily posting it to serve as an example of how Python can be used to perform such an attack. I do not condone the use of password crackers for illicit purposes. You can also click here. My next post will be on an...
forensicsblog.org
Android USB Device Support (udev ruleset) - fork()
http://forensicsblog.org/2013/06/23/android-usb-device-support
Forensics and Information Security. Android USB Device Support. On June 23, 2013. By AH and setting up the SDK on my Ubuntu box, I noticed the udev rules needed an update. Makes sense considering there’s been many new vendors since the book was published. Copy and paste it: 51-android-rules should be placed in /etc/udev/rules.d (chmod 664 or a+r). Official Guide and Vendor IDs: http://developer.android.com/tools/device.html. SUBSYSTEM="USB", SYSFS{idVendor}="12d1", MODE="0...SUBSYSTEM="USB"...SUBSYSTEM=...
forensicsblog.org
Public Wi-Fi? Be Mindful of Session Hijacking - fork()
http://forensicsblog.org/2012/08/01/public-wi-fi-be-mindful-of-session-hijacking
Forensics and Information Security. Be Mindful of Session Hijacking. On August 1, 2012. Cache Exploitation and Sidejacking (Session Hijacking). Other MITM (man in the middle) software; no packet injecting capable NIC needed! For more on MITM attacks please click here. (Schneier on Security; 7/15/2008). These types of exploits could be known as “The Starbucks Social Network Exploit” for all intents and purposes since places that offer free wi-fi are at risk. Wi-fi network is at risk. As we see with A...
forensicsblog.org
Mobile View - fork()
http://forensicsblog.org/fork-mobile
Forensics and Information Security. Fork() on Android (Google Chrome). To view the blog on your mobile device you can: Visit the mobile friendly version of the site by opening the site in your mobile browser. Download the WordPress app for Android or iOS if you frequent WordPress or have your own blog. The mobile version is constantly being updated for iOS and Android. If your device isn’t supported now, it may be in the future!