Jesse Kornblum

From ForensicsWiki
Revision as of 15:53, 5 August 2010 by Jessek (Talk | contribs)

Jump to: navigation, search

Jesse Kornblum is a computer forensics author, researcher and engineer. You can read his official web site. His Curriculum Vitae has a current list of his papers. He currently works for Kyrus Technology.


md5deep and hashdeep - Cross platform recursive hashing and auditing programs, respectively. Computes MD5, SHA-1, SHA-256, Tiger and Whirlpool hashes. Can also match against sets of known hashes. The latter program uses multihashing to conduct a computer forensics audit.

foremost - File carving program

ssdeep - Usually called Fuzzy Hashing, this program implements Context Triggered Piecewise Hashing.

FRED - The First Responder's Evidence Disk

dc3dd - A patch to add forensics features to GNU dd

Miss Identify - Program to identify Win32 executables that don't have an executable extension. Can also identify all executables.