Software/Code

Software/Code

Anti-Forensics

Python XOR – Running Encrypted Python Code from Memory

Max - April 25, 2024

This program will execute XOR encrypted ciphertext (Python code) when provided the right passphrase or key, in memory.

Digital Forensics

Generate an Unlimited Amount of VeraCrypt Containers

Max - March 30, 2024

The major goal of this software is to frustrate a digital forensics examination by overwhelming an investigator with encrypted containers.

Digital Forensics

LSB Steganography Password Protect with Encryption in Python using PNG Files

Max - March 29, 2024

This software implements LSB Steganography password protect, as described and demonstrated in the link above, and in addition, message encryption. This way a user can encrypt their hidden message using Fernet, with a passphrase.

Digital Forensics

LSB (Least Significate Bit) Steganography in Python using PNG Files

Max - March 28, 2024

Using LSB Steganography in Python to hide a message in a PNG. Input and extract hidden messages using Least Significant Bit Steganography.

Software/Code

Steganography by File Appending – Hiding a zip File in a jpg

Max - March 23, 2024

Appending a ZIP file to the end of a JPG image is a straightforward process because the JPEG format's structure allows the image to remain valid and viewable in image viewers, while the ZIP file remains accessible with archive managers.

Digital Forensics

Reading the Notepad Tab Cache

Max - February 29, 2024

This software will gather notepad.exe tab cache data and print it to standard output in json format. Notepad keeps a cache of open tabs, meaning it remembers which files or documents you have open in the editor even if you close Notepad and reopen it later.

Digital Forensics

Disabling UserAssist in Registry

Max - February 20, 2024

UserAssist registry forensics is a method used to investigate the activity of users on a Windows operating system.

Software

Simple C# Timestomp

Max - November 29, 2023

SharpTimestomp.exe is a simple proof-of-concept timestomp application that modifies date/time values for the file indicated in the arguments.

Software

SimpleWiper Suite – Wiping Files With C#

Max - August 27, 2023

The SimpleWiper suite of tools includes a SimpleFileWiper application. This application will calculate the size of the file to be deleted. It will then overwrite the file with random data.

Software/Code

C# – Kill Process (FTK Imager)

Max - August 22, 2023

Simple C# application demonstrating how to kill running processes. In this case, the Digital Forensics software. C# Kill Process

12 Page 1 of 2

Latest news

How Viable is a File System Mini-Filter Driver for Whitelisting File Modifications on a Windows Volume (ransomware protection)?

November 19, 2024