ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "Jesse Kornblum"

From ForensicsWiki
Jump to: navigation, search
m
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Jesse Kornblum is a computer forensics author, researcher and engineer. You can read more about him in his [http://en.wikipedia.org/wiki/Jesse_Kornblum Wikipedia entry] or his [http://jessekornblum.com/ official web site]. His [http://jessekornblum.com/kornblum-cv.pdf Curriculum Vitae] has a current list of his papers. He current works for [[ManTech]].
+
Jesse Kornblum is a computer forensics author, researcher and engineer. You can read his [http://jessekornblum.com/ official web site]. His [http://jessekornblum.com/kornblum-cv.pdf Curriculum Vitae] has a current list of his papers.
  
 
== Tools ==  
 
== Tools ==  
  
[[md5deep]] - Cross platform recursive [[hashing]] program. Computes MD5, SHA-1, SHA-256, Tiger and Whirlpool hashes. Can also match against sets of known hashes.
+
[[md5deep]] and [[hashdeep]] - Cross platform recursive [[hashing]] and auditing programs, respectively. Computes MD5, SHA-1, SHA-256, Tiger and Whirlpool hashes. Can also match against sets of known hashes. The latter program uses [[multihashing]] to conduct a computer forensics audit.
  
 
[[foremost]] - File [[carving]] program  
 
[[foremost]] - File [[carving]] program  
Line 10: Line 10:
  
 
[[First Responder's Evidence Disk|FRED]] - The First Responder's Evidence Disk
 
[[First Responder's Evidence Disk|FRED]] - The First Responder's Evidence Disk
 +
 +
[[dc3dd]] - A patch to add forensics features to [[dd|GNU dd]]
 +
 +
[[Miss Identify]] - Program to identify Win32 executables that don't have an executable extension. Can also identify all executables.
  
 
[[Category:People]]
 
[[Category:People]]

Latest revision as of 14:08, 9 November 2012

Jesse Kornblum is a computer forensics author, researcher and engineer. You can read his official web site. His Curriculum Vitae has a current list of his papers.

Tools

md5deep and hashdeep - Cross platform recursive hashing and auditing programs, respectively. Computes MD5, SHA-1, SHA-256, Tiger and Whirlpool hashes. Can also match against sets of known hashes. The latter program uses multihashing to conduct a computer forensics audit.

foremost - File carving program

ssdeep - Usually called Fuzzy Hashing, this program implements Context Triggered Piecewise Hashing.

FRED - The First Responder's Evidence Disk

dc3dd - A patch to add forensics features to GNU dd

Miss Identify - Program to identify Win32 executables that don't have an executable extension. Can also identify all executables.