Zyxware Technologies, profile picture
Uploaded byZyxware Technologies
PDF, PPTX4,093 views

An introduction to cyber forensics and open source tools in cyber forensics

The document provides an overview of cyber forensics, which involves collecting and analyzing digital evidence for legal purposes. It details the phases of cyber forensics, methods for acquiring and analyzing data, and compares open source tools with proprietary tools' benefits and drawbacks. Additionally, it lists various open source initiatives and tools available for different stages of the forensic process.

Embed presentation

Download as PDF, PPTX
An Introduction to Cyber Forensics and Open Source Tools in Cyber Forensics Anoop John Founder & CTO Zyxware Technologies
Cyber Forensics OS Tools What is Cyber Forensics Cyber - A prefix used in a growing number of terms to describe new things that are being made possible by the spread of computers. Anything related to the Internet also falls under the cyber category. Forensics – Scientific tests and techniques used in connection with the detection of crime Cyber Forensics – Discipline that combines elements of law and computer science to collect and anlayze data from computer systems, mobiles, networks, communication systems, and storage devices in a way that is admissible in a court of law
Cyber Forensics OS Tools What is Digital Evidence? Information and data of value to an investigation that is stored on, received, or transmitted by an electronic device. This evidence is acquired when data or electronic devices are seized and secured for examination.
Cyber Forensics OS Tools Where do you find Digital Evidence? Digital Evidence may be found in Storage devices like hard disc CD DVD memory card USB drive mobile phones SIM card Online resources like mail servers cloud servers / data centers
Cyber Forensics OS Tools How can you hide Digital Evidence? Digital Evidence can be hidden in Files Password protected files Encrypted files Steganography files Hard Drives Encrypted drives Formatted hard disc HPA (Host Protected Area) DCO (Device Configuration Overlay)
Cyber Forensics OS Tools What can Digital Evidence be related to? Digital Evidence could be related Online fraud Organized crime Identity / Data theft Unauthorized access Malicious files / Virus attack / Cyber attack Data alteration Cyber defamation Cyber pornography Online gambling Sale of illegal items
Cyber Forensics OS Tools Phases in Cyber Forensics Phase 1: Identification of storage media for potential evidence / Identification of transmission media for collection of potential evidence Phase 2: Acquisition of the storage media / collection of transmitted information Phase 3: Securing collected media / data and forensic analysis of the acquired media Phase 4: Documentation & Reporting
Cyber Forensics OS Tools Analyzing acquired media/data Identifying traces of network / computer intrusion Processing network packets, log files Identifying & examining malicious files Employing techniques to crack file & system passwords Detecting steganography Recovering deleted, fragmented, hidden & corrupted data Analyzing online activities
Cyber Forensics OS Tools Handling acquired media/data Maintaining evidence custody procedures Preventing tampering Identifying tampering Courtroom presentation
Cyber Forensics OS Tools Pros of Open Source Tools Low capital cost Minimal / No operational cost Minimal / No maintenance cost Algorithm/logic is known to the user Source code is freely available for access, editing & customization Extensive support from the open source community Free usage to any number of users
Cyber Forensics OS Tools Cons of Proprietary Tools High capital cost High operational cost High maintenance cost Algorithm/logic not known. No access to source Heavy dependency on the software manufacturer Restricted usage
Cyber Forensics OS Tools Open Source Initiatives Belgian Federal Computer Crime Unit (FCCU) http://www.lnx4n6.be/index.php An advanced network forensic framework By: Australian Federal Police, Brisbane, Australia http://sourceforge.net/projects/pyflag/files/ Project in The Software and Systems Division supported by Law Enforcement Standards Office and Department of Homeland Security http://www.cftt.nist.gov/index.html
Cyber Forensics OS Tools Open Source Initiatives (cont...) The Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework built by the Dutch National Police Agency http://ocfa.sourceforge.net/ ForeIndex: A Framework for Analysis and Triage of Data Forensics http://www.basistech.com/wp- content/uploads/2014/04/osdf-2011-silva- foreindex.pdf
Cyber Forensics OS Tools Open Source Tools in Acquisition Phase Digital Forensics Framework www.digital-forensic.org CAINE www.caine-live.net/ DEFT www.deftlinux.net/ OCFA http://sourceforge.net/projects/ocfa/ Sleuthkit http://www.sleuthkit.org
Cyber Forensics OS Tools Open Source / Free Tools in Analysis Phase Digital Forensics Framework www.digital-forensic.org CAINE www.caine-live.net DEFT www.deftlinux.net SAFT Mobile Forensics www.signalsec.com/saft SANS Investigative Forensics Toolkit – SIFT http://digital- forensics.sans.org/community/downloads
Cyber Forensics OS Tools Open Source / Free Tools in Analysis Phase (cont...) Sleuthkit Autopsy http://www.sleuthkit.org/autopsy/ Sleuthkit http://www.sleuthkit.org/sleuthkit/ Live View http://liveview.sourceforge.net/
Cyber Forensics OS Tools Open Source / Free Tools in Analysis Phase (cont...) Analyzing RAM CMAT http://sourceforge.net/projects/cmat Volafox https://www.volatilesystems.com/default/volatility Volatile https://www.volatilesystems.com/default/volatility Network Forensics WireShark http://www.wireshark.org NetworkMinor http://networkminer.en.malavida.com/
Cyber Forensics OS Tools Open Source / Free Tools in Analysis Phase (cont...) Registry analysis Registry Decoder http://www.digitalforensicssolutions.com/registrydec oder/ Password cracking Free Tools http://www.openwall.com/john Cracking Passwords for Windows, PDF, Word RAR , ZIP & Excel http://pcsupport.about.com/od/toolsofthetrade/tp/ password-cracker-recovery.htm
Cyber Forensics OS Tools Open Source / Free Tools in Analysis Phase (cont...) Detecting Pornography Redlight Porn Scanner http://dfcsc.uri.edu/research/redLightTrial http://www.nij.gov/topics/technology/pages/software- tools.aspx
Cyber Forensics OS Tools Questions? info@zyxware.com +91-9446069446
Cyber Forensics OS Tools Thank you
Cyber Forensics OS Tools Credits & References http://www.slideshare.net/SagarRahurkar/digital- forensics-best-practices-with-the-use-of-open- source-tools-and-admissibility-of-digital-evidence- in-courts https://en.wikipedia.org/wiki/Computer_forensics http://www.slideshare.net/prashant3535/digital- crime-forensics-15360016 http://resources.infosecinstitute.com/computer- forensics-tools/ http://www.gfi.com/blog/top-20-free-digital- forensic-investigation-tools-for-sysadmins/ http://www.digitalforensicsassociation.org/opensour ce-tools/

More Related Content

PPT
Lecture2 Introduction to Digital Forensics.ppt
bySurajgroupsvideo
 
PPTX
Digital forensics
byvishnuv43
 
PPTX
Computer Forensics ppt
byOECLIB Odisha Electronics Control Library
 
PDF
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
PPTX
Computer crimes and forensics
byAvinash Mavuru
 
PDF
Digital Forensic: Brief Intro & Research Challenge
byAung Thu Rha Hein
 
PPT
Anti-Forensics: Real world identification, analysis and prevention
bySeccuris Inc.
 
PPT
Mobile forensics
bynoorashams
 
Lecture2 Introduction to Digital Forensics.ppt
bySurajgroupsvideo
 
Digital forensics
byvishnuv43
 
Computer Forensics ppt
byOECLIB Odisha Electronics Control Library
 
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
Computer crimes and forensics
byAvinash Mavuru
 
Digital Forensic: Brief Intro & Research Challenge
byAung Thu Rha Hein
 
Anti-Forensics: Real world identification, analysis and prevention
bySeccuris Inc.
 
Mobile forensics
bynoorashams
 

What's hot

PPTX
Computer forensics powerpoint presentation
bySomya Johri
 
PPTX
Browser forensics
byPrince Boonlia
 
PPT
Computer forensics
bySCREAM138
 
PPTX
Computer forensic ppt
byPriya Manik
 
PPTX
Network forensics and investigating logs
byanilinvns
 
PPTX
Identity theft ppt
byCut 2 Shreds
 
PDF
Cyber Forensics
byDeepak Kumar (D3)
 
PPT
Windows forensic artifacts
byn|u - The Open Security Community
 
PPTX
Mobile Forensics
byabdullah roomi
 
PDF
Ensuring Mobile Device Security
byQuick Heal Technologies Ltd.
 
PPTX
Logging, monitoring and auditing
byPiyush Jain
 
PPTX
Computer and internet fraud
byKarmaveersinghsankhl
 
PPTX
Cybercrime investigation
byProf. (Dr.) Tabrez Ahmad
 
PPTX
Digital Forensics
byMithileysh Sathiyanarayanan
 
PPTX
Computer Crimes
byIvy Rose Recierdo
 
PPTX
Malware
byAnoushka Srivastava
 
PPTX
Security & Privacy of Information Technology
byAshish Mathew
 
PPT
The Trouble with Cloud Forensics
bySharique Rizvi
 
PPT
The Future of Cyber Security
byStephen Lahanas
 
PDF
Darknet
byShubham Dwivedi
 
Computer forensics powerpoint presentation
bySomya Johri
 
Browser forensics
byPrince Boonlia
 
Computer forensics
bySCREAM138
 
Computer forensic ppt
byPriya Manik
 
Network forensics and investigating logs
byanilinvns
 
Identity theft ppt
byCut 2 Shreds
 
Cyber Forensics
byDeepak Kumar (D3)
 
Windows forensic artifacts
byn|u - The Open Security Community
 
Mobile Forensics
byabdullah roomi
 
Ensuring Mobile Device Security
byQuick Heal Technologies Ltd.
 
Logging, monitoring and auditing
byPiyush Jain
 
Computer and internet fraud
byKarmaveersinghsankhl
 
Cybercrime investigation
byProf. (Dr.) Tabrez Ahmad
 
Digital Forensics
byMithileysh Sathiyanarayanan
 
Computer Crimes
byIvy Rose Recierdo
 
Malware
byAnoushka Srivastava
 
Security & Privacy of Information Technology
byAshish Mathew
 
The Trouble with Cloud Forensics
bySharique Rizvi
 
The Future of Cyber Security
byStephen Lahanas
 
Darknet
byShubham Dwivedi
 

Viewers also liked

PPTX
Digital forensics
byyash sawarkar
 
PDF
Cloud-forensics
byanupriti
 
PPTX
Computer forensics
bydeaneal
 
PPT
Digital Forensics
byNicholas Davis
 
PDF
Digital Crime & Forensics - Presentation
byprashant3535
 
PPTX
cyber security and forensic tools
bySonu Sunaliya
 
PPT
Computer forensics
byLalit Garg
 
PPTX
Digital Forensics
byOldsun
 
PPT
Cyber crime and forensic
bySANTANU KUMAR DAS
 
PDF
05 Duplication and Preservation of Digital evidence - Notes
byKranthi
 
PPT
Computer +forensics
byRahul Baghla
 
PPSX
Cloud Forensics
bysdavis532
 
PPTX
Cloud Computing : Security and Forensics
byGovind Maheswaran
 
PPTX
Computer forensics
bySarwar Hossain Rafsan
 
PPTX
Computer forensics ppt
byNikhil Mashruwala
 
PPTX
Digital forensics
byRoberto Ellis
 
PDF
01 Computer Forensics Fundamentals - Notes
byKranthi
 
PDF
Forensic Tools for In-Depth Performance Investigations
byNicholas Jansma
 
PPTX
Ceic 2012 anti-anti-forensics
byJose Moruno Cadima
 
Digital forensics
byyash sawarkar
 
Cloud-forensics
byanupriti
 
Computer forensics
bydeaneal
 
Digital Forensics
byNicholas Davis
 
Digital Crime & Forensics - Presentation
byprashant3535
 
cyber security and forensic tools
bySonu Sunaliya
 
Computer forensics
byLalit Garg
 
Digital Forensics
byOldsun
 
Cyber crime and forensic
bySANTANU KUMAR DAS
 
05 Duplication and Preservation of Digital evidence - Notes
byKranthi
 
Computer +forensics
byRahul Baghla
 
Cloud Forensics
bysdavis532
 
Cloud Computing : Security and Forensics
byGovind Maheswaran
 
Computer forensics
bySarwar Hossain Rafsan
 
Computer forensics ppt
byNikhil Mashruwala
 
Digital forensics
byRoberto Ellis
 
01 Computer Forensics Fundamentals - Notes
byKranthi
 
Forensic Tools for In-Depth Performance Investigations
byNicholas Jansma
 
Ceic 2012 anti-anti-forensics
byJose Moruno Cadima
 

Similar to An introduction to cyber forensics and open source tools in cyber forensics

PDF
Digital forensic science and its scope manesh t
byManesh T
 
PPTX
Digital forensic tools
byParsons Corporation
 
PPTX
Digital Forensics best practices with the use of open source tools and admiss...
bySagar Rahurkar
 
PPT
Digital forensics
byNicholas Davis
 
PDF
Cyber Forensics Module 1
byManu Mathew Cherian
 
DOCX
Digital forensics Steps
bygamemaker762
 
DOCX
Cyber&digital forensics report
byyash sawarkar
 
PPTX
Computer Forensics.pptx
byHappyness Mkumbo
 
PPT
Forensic Lab Development
byamiable_indian
 
PPTX
unit 5 understanding computer forensics.pptx
byDimple Relekar
 
PPTX
ppt for Module 5 cybersecuirty_023501.pptx
byMayuraD1
 
PPTX
DIGITAL FORENSICS, MULTIMEDIA AND INCIDENT RESPONSE.pptx
bysreejithskumar190702
 
PDF
the Cyber - Forensics - Lab - Manual . pdf
by22cc005
 
PPTX
INTRODUCTION TO DIGITAL FORENSIC and Computer Foresnics.pptx
byMuhammadAsimMubarik
 
PPTX
Digital Forensics: Concept, Stages, Guidelines, Techniques, and Data Recovery
byGodwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
PPTX
Combating cyber security through forensic investigation tools
byVenkata Sreeram
 
PDF
Post-Genesis Digital Forensics Investigation
byUniversitas Pembangunan Panca Budi
 
PPTX
Draft current state of digital forensic and data science
byDamir Delija
 
PDF
Computer Forensics | Patricia Watson | 2004
byPatricia M Watson
 
PPTX
wang.pptx
bySteveIrwin25
 
Digital forensic science and its scope manesh t
byManesh T
 
Digital forensic tools
byParsons Corporation
 
Digital Forensics best practices with the use of open source tools and admiss...
bySagar Rahurkar
 
Digital forensics
byNicholas Davis
 
Cyber Forensics Module 1
byManu Mathew Cherian
 
Digital forensics Steps
bygamemaker762
 
Cyber&digital forensics report
byyash sawarkar
 
Computer Forensics.pptx
byHappyness Mkumbo
 
Forensic Lab Development
byamiable_indian
 
unit 5 understanding computer forensics.pptx
byDimple Relekar
 
ppt for Module 5 cybersecuirty_023501.pptx
byMayuraD1
 
DIGITAL FORENSICS, MULTIMEDIA AND INCIDENT RESPONSE.pptx
bysreejithskumar190702
 
the Cyber - Forensics - Lab - Manual . pdf
by22cc005
 
INTRODUCTION TO DIGITAL FORENSIC and Computer Foresnics.pptx
byMuhammadAsimMubarik
 
Digital Forensics: Concept, Stages, Guidelines, Techniques, and Data Recovery
byGodwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
Combating cyber security through forensic investigation tools
byVenkata Sreeram
 
Post-Genesis Digital Forensics Investigation
byUniversitas Pembangunan Panca Budi
 
Draft current state of digital forensic and data science
byDamir Delija
 
Computer Forensics | Patricia Watson | 2004
byPatricia M Watson
 
wang.pptx
bySteveIrwin25
 

More from Zyxware Technologies

PDF
The art of communication - managing digital communication
byZyxware Technologies
 
PDF
Debugging Drupal - How to Debug your Drupal Application
byZyxware Technologies
 
PDF
Drupal as a Rapid Application Development (RAD) Framework for Startups
byZyxware Technologies
 
PDF
Personalized customer experience using ecommerce portal
byZyxware Technologies
 
PDF
Code quality - aesthetics & functionality of writing beautiful code
byZyxware Technologies
 
PDF
CETAA Vision 2025 - Making CETAA the best alumni association in India
byZyxware Technologies
 
PDF
ICFOSS Interaction with Small and Medium Enterprises on IT Enabling SMEs with...
byZyxware Technologies
 
PDF
Google Docs - Leverage the power of collaboration with shared documents
byZyxware Technologies
 
PDF
Web Application Performance Audit and Optimization
byZyxware Technologies
 
PDF
Come, build your career at Zyxware Technologies
byZyxware Technologies
 
PDF
Setting in place a product development strategy
byZyxware Technologies
 
PDF
Learn Drupal 8 Render Pipeline
byZyxware Technologies
 
PDF
Drupal as a Rapid Application Development Framework for Non Profits / NGOs
byZyxware Technologies
 
PDF
Introduction to Drupal, Training conducted at MES-AIMAT, Aluva on 2013-09-26
byZyxware Technologies
 
PDF
Drupal ecosystem in India and Drupal's market potential in India
byZyxware Technologies
 
PDF
Exploring Wider Collaboration Mechanisms in the Drupal Space
byZyxware Technologies
 
PDF
Drupal is taking over Australia
byZyxware Technologies
 
PDF
Drupal Performance Audit and Optimization
byZyxware Technologies
 
ODP
Collaborative development using git, Session conducted at Model Engineering C...
byZyxware Technologies
 
PDF
Introduction to Bash Scripting, Zyxware Technologies, CSI Students Convention...
byZyxware Technologies
 
The art of communication - managing digital communication
byZyxware Technologies
 
Debugging Drupal - How to Debug your Drupal Application
byZyxware Technologies
 
Drupal as a Rapid Application Development (RAD) Framework for Startups
byZyxware Technologies
 
Personalized customer experience using ecommerce portal
byZyxware Technologies
 
Code quality - aesthetics & functionality of writing beautiful code
byZyxware Technologies
 
CETAA Vision 2025 - Making CETAA the best alumni association in India
byZyxware Technologies
 
ICFOSS Interaction with Small and Medium Enterprises on IT Enabling SMEs with...
byZyxware Technologies
 
Google Docs - Leverage the power of collaboration with shared documents
byZyxware Technologies
 
Web Application Performance Audit and Optimization
byZyxware Technologies
 
Come, build your career at Zyxware Technologies
byZyxware Technologies
 
Setting in place a product development strategy
byZyxware Technologies
 
Learn Drupal 8 Render Pipeline
byZyxware Technologies
 
Drupal as a Rapid Application Development Framework for Non Profits / NGOs
byZyxware Technologies
 
Introduction to Drupal, Training conducted at MES-AIMAT, Aluva on 2013-09-26
byZyxware Technologies
 
Drupal ecosystem in India and Drupal's market potential in India
byZyxware Technologies
 
Exploring Wider Collaboration Mechanisms in the Drupal Space
byZyxware Technologies
 
Drupal is taking over Australia
byZyxware Technologies
 
Drupal Performance Audit and Optimization
byZyxware Technologies
 
Collaborative development using git, Session conducted at Model Engineering C...
byZyxware Technologies
 
Introduction to Bash Scripting, Zyxware Technologies, CSI Students Convention...
byZyxware Technologies
 

Recently uploaded

PPTX
Detecting Bad Apples: Understanding macOS Malware TTPs by Surya Teja
byCysinfo Cyber Security Community
 
PPTX
Attacking and Defending AI by Adity Roy and Nikita Biradar
byCysinfo Cyber Security Community
 
PDF
NYC ACE 12-Nov-2025-Combined Presentation.pdf
byAUGNYC
 
PDF
AOX Apps - Mobile App Development Company New York
byAOX APPS
 
PDF
SWEBOK: the software engineering body of knowledge (SC25 Workshop Research So...
byHironori Washizaki
 
PPTX
Communicating Software Architecture using Arc42 v1.1
byAshraf Fouad
 
PDF
Building Custom Insurance Applications With
byOpenkoda
 
PDF
2025_11_19 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PPTX
Key Benefits of Odoo Customization Services
byCandidRoot Solutions Private Limited
 
PDF
AI/ML Infra Meetup | Open Source Michelangelo: Uber's Predictive to Generativ...
byAlluxio, Inc.
 
PDF
Smarter Testing Safer Systems Balancing AI and Oversight in Regulated Environ...
byApplitools
 
PPTX
BI and Reporting Software Turning Clinic Data Into Smarter, More Compassionat...
byEasy Clinic
 
PDF
The Evolution of Project Portfolio Management - What Modern PMOs Are Doing Di...
byOnePlan Solutions
 
PDF
vMix Overview & Key Features Easily Produce, Record and Live Stream
byIGM Soraing
 
PDF
DSD-INT 2025 Thermal and chemical plumes of sea cooling water from PEM platfo...
byDeltares
 
PDF
DSD-INT 2025 3D Modeling of Shallow Water Dynamics Using Delft3D FM - Martins
byDeltares
 
PDF
Threat Hunting with Garuda: From Manual Analysis to AI-Driven Hunting By Monn...
byCysinfo Cyber Security Community
 
PPTX
Working of Minimax Algorithm with Alpha-Beta Pruning.pptx
byMuhammadHassanArshad2
 
PDF
Combinatorial Interview Problems with Backtracking Solutions - From Imperativ...
byPhilip Schwarz
 
PPTX
Short Film Script Development Process HARMONIA
byzdolezalmedia
 
Detecting Bad Apples: Understanding macOS Malware TTPs by Surya Teja
byCysinfo Cyber Security Community
 
Attacking and Defending AI by Adity Roy and Nikita Biradar
byCysinfo Cyber Security Community
 
NYC ACE 12-Nov-2025-Combined Presentation.pdf
byAUGNYC
 
AOX Apps - Mobile App Development Company New York
byAOX APPS
 
SWEBOK: the software engineering body of knowledge (SC25 Workshop Research So...
byHironori Washizaki
 
Communicating Software Architecture using Arc42 v1.1
byAshraf Fouad
 
Building Custom Insurance Applications With
byOpenkoda
 
2025_11_19 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
Key Benefits of Odoo Customization Services
byCandidRoot Solutions Private Limited
 
AI/ML Infra Meetup | Open Source Michelangelo: Uber's Predictive to Generativ...
byAlluxio, Inc.
 
Smarter Testing Safer Systems Balancing AI and Oversight in Regulated Environ...
byApplitools
 
BI and Reporting Software Turning Clinic Data Into Smarter, More Compassionat...
byEasy Clinic
 
The Evolution of Project Portfolio Management - What Modern PMOs Are Doing Di...
byOnePlan Solutions
 
vMix Overview & Key Features Easily Produce, Record and Live Stream
byIGM Soraing
 
DSD-INT 2025 Thermal and chemical plumes of sea cooling water from PEM platfo...
byDeltares
 
DSD-INT 2025 3D Modeling of Shallow Water Dynamics Using Delft3D FM - Martins
byDeltares
 
Threat Hunting with Garuda: From Manual Analysis to AI-Driven Hunting By Monn...
byCysinfo Cyber Security Community
 
Working of Minimax Algorithm with Alpha-Beta Pruning.pptx
byMuhammadHassanArshad2
 
Combinatorial Interview Problems with Backtracking Solutions - From Imperativ...
byPhilip Schwarz
 
Short Film Script Development Process HARMONIA
byzdolezalmedia
 

An introduction to cyber forensics and open source tools in cyber forensics

  • 1.
    An Introduction to CyberForensics and Open Source Tools in Cyber Forensics Anoop John Founder & CTO Zyxware Technologies
  • 2.
    Cyber Forensics OSTools What is Cyber Forensics Cyber - A prefix used in a growing number of terms to describe new things that are being made possible by the spread of computers. Anything related to the Internet also falls under the cyber category. Forensics – Scientific tests and techniques used in connection with the detection of crime Cyber Forensics – Discipline that combines elements of law and computer science to collect and anlayze data from computer systems, mobiles, networks, communication systems, and storage devices in a way that is admissible in a court of law
  • 3.
    Cyber Forensics OSTools What is Digital Evidence? Information and data of value to an investigation that is stored on, received, or transmitted by an electronic device. This evidence is acquired when data or electronic devices are seized and secured for examination.
  • 4.
    Cyber Forensics OSTools Where do you find Digital Evidence? Digital Evidence may be found in Storage devices like hard disc CD DVD memory card USB drive mobile phones SIM card Online resources like mail servers cloud servers / data centers
  • 5.
    Cyber Forensics OSTools How can you hide Digital Evidence? Digital Evidence can be hidden in Files Password protected files Encrypted files Steganography files Hard Drives Encrypted drives Formatted hard disc HPA (Host Protected Area) DCO (Device Configuration Overlay)
  • 6.
    Cyber Forensics OSTools What can Digital Evidence be related to? Digital Evidence could be related Online fraud Organized crime Identity / Data theft Unauthorized access Malicious files / Virus attack / Cyber attack Data alteration Cyber defamation Cyber pornography Online gambling Sale of illegal items
  • 7.
    Cyber Forensics OSTools Phases in Cyber Forensics Phase 1: Identification of storage media for potential evidence / Identification of transmission media for collection of potential evidence Phase 2: Acquisition of the storage media / collection of transmitted information Phase 3: Securing collected media / data and forensic analysis of the acquired media Phase 4: Documentation & Reporting
  • 8.
    Cyber Forensics OSTools Analyzing acquired media/data Identifying traces of network / computer intrusion Processing network packets, log files Identifying & examining malicious files Employing techniques to crack file & system passwords Detecting steganography Recovering deleted, fragmented, hidden & corrupted data Analyzing online activities
  • 9.
    Cyber Forensics OSTools Handling acquired media/data Maintaining evidence custody procedures Preventing tampering Identifying tampering Courtroom presentation
  • 10.
    Cyber Forensics OSTools Pros of Open Source Tools Low capital cost Minimal / No operational cost Minimal / No maintenance cost Algorithm/logic is known to the user Source code is freely available for access, editing & customization Extensive support from the open source community Free usage to any number of users
  • 11.
    Cyber Forensics OSTools Cons of Proprietary Tools High capital cost High operational cost High maintenance cost Algorithm/logic not known. No access to source Heavy dependency on the software manufacturer Restricted usage
  • 12.
    Cyber Forensics OSTools Open Source Initiatives Belgian Federal Computer Crime Unit (FCCU) http://www.lnx4n6.be/index.php An advanced network forensic framework By: Australian Federal Police, Brisbane, Australia http://sourceforge.net/projects/pyflag/files/ Project in The Software and Systems Division supported by Law Enforcement Standards Office and Department of Homeland Security http://www.cftt.nist.gov/index.html
  • 13.
    Cyber Forensics OSTools Open Source Initiatives (cont...) The Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework built by the Dutch National Police Agency http://ocfa.sourceforge.net/ ForeIndex: A Framework for Analysis and Triage of Data Forensics http://www.basistech.com/wp- content/uploads/2014/04/osdf-2011-silva- foreindex.pdf
  • 14.
    Cyber Forensics OSTools Open Source Tools in Acquisition Phase Digital Forensics Framework www.digital-forensic.org CAINE www.caine-live.net/ DEFT www.deftlinux.net/ OCFA http://sourceforge.net/projects/ocfa/ Sleuthkit http://www.sleuthkit.org
  • 15.
    Cyber Forensics OSTools Open Source / Free Tools in Analysis Phase Digital Forensics Framework www.digital-forensic.org CAINE www.caine-live.net DEFT www.deftlinux.net SAFT Mobile Forensics www.signalsec.com/saft SANS Investigative Forensics Toolkit – SIFT http://digital- forensics.sans.org/community/downloads
  • 16.
    Cyber Forensics OSTools Open Source / Free Tools in Analysis Phase (cont...) Sleuthkit Autopsy http://www.sleuthkit.org/autopsy/ Sleuthkit http://www.sleuthkit.org/sleuthkit/ Live View http://liveview.sourceforge.net/
  • 17.
    Cyber Forensics OSTools Open Source / Free Tools in Analysis Phase (cont...) Analyzing RAM CMAT http://sourceforge.net/projects/cmat Volafox https://www.volatilesystems.com/default/volatility Volatile https://www.volatilesystems.com/default/volatility Network Forensics WireShark http://www.wireshark.org NetworkMinor http://networkminer.en.malavida.com/
  • 18.
    Cyber Forensics OSTools Open Source / Free Tools in Analysis Phase (cont...) Registry analysis Registry Decoder http://www.digitalforensicssolutions.com/registrydec oder/ Password cracking Free Tools http://www.openwall.com/john Cracking Passwords for Windows, PDF, Word RAR , ZIP & Excel http://pcsupport.about.com/od/toolsofthetrade/tp/ password-cracker-recovery.htm
  • 19.
    Cyber Forensics OSTools Open Source / Free Tools in Analysis Phase (cont...) Detecting Pornography Redlight Porn Scanner http://dfcsc.uri.edu/research/redLightTrial http://www.nij.gov/topics/technology/pages/software- tools.aspx
  • 20.
    Cyber Forensics OSTools Questions? info@zyxware.com +91-9446069446
  • 21.
    Cyber Forensics OSTools Thank you
  • 22.
    Cyber Forensics OSTools Credits & References http://www.slideshare.net/SagarRahurkar/digital- forensics-best-practices-with-the-use-of-open- source-tools-and-admissibility-of-digital-evidence- in-courts https://en.wikipedia.org/wiki/Computer_forensics http://www.slideshare.net/prashant3535/digital- crime-forensics-15360016 http://resources.infosecinstitute.com/computer- forensics-tools/ http://www.gfi.com/blog/top-20-free-digital- forensic-investigation-tools-for-sysadmins/ http://www.digitalforensicsassociation.org/opensour ce-tools/