ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Jesse Kornblum

From ForensicsWiki
Revision as of 19:53, 5 August 2010 by Jessek (Talk | contribs) (Removed deleted Wikipedia reference)

Jump to: navigation, search

Jesse Kornblum is a computer forensics author, researcher and engineer. You can read his official web site. His Curriculum Vitae has a current list of his papers. He currently works for Kyrus Technology.

Tools

md5deep and hashdeep - Cross platform recursive hashing and auditing programs, respectively. Computes MD5, SHA-1, SHA-256, Tiger and Whirlpool hashes. Can also match against sets of known hashes. The latter program uses multihashing to conduct a computer forensics audit.

foremost - File carving program

ssdeep - Usually called Fuzzy Hashing, this program implements Context Triggered Piecewise Hashing.

FRED - The First Responder's Evidence Disk

dc3dd - A patch to add forensics features to GNU dd

Miss Identify - Program to identify Win32 executables that don't have an executable extension. Can also identify all executables.