Download

Description

"An Internet Explorer activity forensic analysis tool."

Many important files within Microsoft Windows have structures that are undocumented. One of the principals of computer forensics is that all analysis methodologies must be well documented and repeatable, and they must have an acceptable margin of error. Currently, there are a lack of open source methods and tools that forensic analysts can rely upon to examine the data found in proprietary Microsoft files.

Many computer crime investigations require the reconstruction of a subject's internet activity. Since this analysis technique is executed regularly, we researched the structure of the data found in Internet Explorer activity files (index.dat files). Pasco, the latin word meaning "browse", was developed to examine the contents of Internet Explorer's cache files. The foundation of Pasco's examination methodology is presented in the white paper located here. Pasco will parse the information in an index.dat file and output the results in a field delimited manner so that it may be imported into your favorite Spreadsheet program. Pasco is built to work on multiple platforms and will execute on Windows (through Cygwin), Mac OS X, Linux, and *BSD platforms. you can free download Pasco 1.0 now.

Keywords

hertz car sales pasco

Related Software

• WSDigger
  WSDigger is a free open source tool
• IPv4Trace
  IPv4 fragment reassembly implementation.
• Carbonite
  Incident Response vs. Loadable Kernel Module Rootkits
• SiteDigger
  SiteDigger 2.0 searches Google’s cache to look for vulnerabilities
• Toolk
  Tools to help examine NTFS for unauthorized activity.
• CodeScout
  Foundstone CodeScout is a free tool
• Hacme Bank
  Hacme Bank is designed to teach application developers
• Fpipe
  FPipe is a source port forwarder/redirector.
• 
  UDP packet sender utility.
• Galleta
  A Internet Explorer Cookie Forensic Analysis Tool
• 
  A Recycle Bin Forensic Analysis Tool.
• 
  An update of the highly popular Windows port scanning tool, SuperScan.
• Hacme Shipping
  Foundstone Hacme Shipping is a web-based shipping application
• PatchIt
  A binary file byte-patching program.
• Fport
  Identify unknown open ports and their associated applications
• MessengerScan
  Vulnerability Detection Utility with Advanced Immediate Protection Capability!
• Vision
  Vision is a host based Forensic Utility
• SSLDigger
  SSLDigger v1.02 is a tool to assess the strength of SSL servers
• 
  An Internet Explorer activity forensic analysis tool.
• 
  Mydoom worm scanner
• 
  A small, quick TCP service stress test tool.
• 
  SNScan allows for the scanning of SNMP specific ports
• 
  A scanner for the infamous Back Orifice program.
• 
  Traceroute and Whois program.
• HackPack
  Foundstone HackPack is a tool designed to aid security
• Foundstone CredDigger
  Foundstone CredDigger is a tool that attempts to gather data to assist
• 
  A network admin utility for remotely detecting the most common DDoS programs.
• FSCrack
  provide a graphical user interface (GUI) for access to most of JtR’s functions
• 
  Remote Task Scheduler scanner
• CookieDigger
  CookieDigger helps identify weak cookie generation
• Attacker
  A TCP/UDP port listener.
• CredDigger
  A tool that attempts to gather data to assist with penetration
• RPCScan
  A utility that can quickly and accurately identify Microsoft operating systems
• 
  Finds Ascii, Unicode and Resource strings in a file.
• Hacme Books
  Foundstone Hacme Books is a learning platform for secure software development
• 
  Cisco IOS IPv4 Remote Denial of Service Vulnerability Detection Utility
• 
  Show information about Windows. Reveal passwords etc.
• SiteScope
  Foundstone�s SiteScope creates a site map
• 
  NTLast is specifically targeted for serious security and IIS administration.
• fileWATCH
  A file change monitor. Used with BlackICE Defender.
• 
  A scriptable, server stress testing tool.
• 
  Microsoft UPnP MS05-039 Vulnerability Detection Utility
• 
  Command line port scanner.