Difference between pages "Steganalysis" and "Hash (tool)"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
 
m
 
Line 1: Line 1:
==External links==
+
{{Expand}}
===Steganalysis===
+
{{Infobox_Software |
* [http://www.sarc-wv.com Steganography Analysis and Research Center] The Steganography Analysis and Research Center is a Center of Excellence within Backbone Security focused exclusively on steganography research and development of steganalysis products and services.
+
  name = Hash |
===Steganalysis Training===
+
  maintainer = [[The Grugq]] |
* [http://www.sarc-wv.com/training.aspx Steganography Examiner Training]
+
  os = {{Linux}} |
===Algorithms and Tools===
+
  genre = |
* [http://www.sarc-wv.com/safdb.aspx Steganography Application Fingerprint Database] A fundamental goal of the SARC is to collect steganography, watermarking, and other data-hiding applications from various sources and incorporate file profiles computed from them into the SAFDB. The SAFDB can be used to review files on seized media by matching file profiles in the SAFDB. SAFDB is the most extensive steganography hash set publicly available. The file profiles contain identifying information such as filename, associated application name, file size, and several unique hash values. These hash values may be used to determine the presence of a steganography application or artifact of a steganography application on the media being examined. The SAFDB is available for download in formats compatible with most of the popular digital forensic tools and utilities: EnCase, Forensic Toolkit (FTK), HashKeeper, ILook, and ProDiscover.
+
  license = |
* [http://www.sarc-wv.com/stegalyzeras.aspx Steganography Analyzer Artifact Scanner (StegAlyzerAS)] StegAlyzerAS gives you the capability to scan the entire file system, or individual directories, on suspect media for the presence of steganography application artifacts. And, unlike other popular forensic tools, you can perform an automated or manual search of the Windows Registry to determine whether or not any Registry keys or values exist that can be associated with a particular steganography application.
+
  website = [http://www.tacticalvoip.com/ tacticalvoip.com] |
* [http://www.sarc-wv.com/stegalyzerss.aspx Steganography Analyzer Signature Scanner (StegAlyzerSS)] StegAlyzerSS gives you the capability to scan every file on the suspect media for the presence of hexadecimal byte patterns, or signatures, of particular steganography applications in the files. If a known signature is detected, it may be possible to extract information hidden with the steganography application associated with the signature.  
+
}}
* [http://www.sarc-wv.com/stegalyzerrts.aspx Steganography Analyzer Real-Time Scanner (StegAlyzerRTS)] StegAlyzerRTS is the first commercially available network security appliance in the world capable of detecting the fingerprints and signatures of digital steganography applications in real-time.
+
 
 +
===Background===
 +
 
 +
Hash ('''Ha'''cker '''She'''ll) is a tool to enable people to evade detection while penetrating a system.
 +
 
 +
Hash, originally written in 2003, was re-written in June 2007 and released at the Korean security conference, [http://www.powerofcommunity.net Power of Community] that November.
 +
 
 +
===Features===
 +
 
 +
'''Hacking utilities'''
 +
* Inline file transfer
 +
* qondom - remote diskless execution
 +
 
 +
'''Builtins'''
 +
* Triggers
 +
* Aliasing
 +
* Basic file system and shell escape commands
 +
 
 +
===External Links===
 +
* [http://powerofcommunity.net/poc2007/grugq.pdf PoC presentation: ''Hacking Sucks!'']
 +
* [http://www.tacticalvoip.com/tools.html hash-0.2.5.tar.gz]
 +
 
 +
[[Category:Anti-forensics tools]]

Latest revision as of 13:17, 1 September 2009

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Hash
Maintainer: The Grugq
OS: Linux
Genre:
License:
Website: tacticalvoip.com

Background

Hash (Hacker Shell) is a tool to enable people to evade detection while penetrating a system.

Hash, originally written in 2003, was re-written in June 2007 and released at the Korean security conference, Power of Community that November.

Features

Hacking utilities

  • Inline file transfer
  • qondom - remote diskless execution

Builtins

  • Triggers
  • Aliasing
  • Basic file system and shell escape commands

External Links