Online resources

From Forensics Wiki
Revision as of 16:21, 25 February 2007 by Jessek (Talk | contribs)

Jump to: navigation, search

There are lots of web sites that can provide valuable information for forensic investigators. (This page will probably be broken into categories eventually...)

WHOIS Queries

The WHOIS Service can be used to find the owner of a domain. Sometimes this is only sufficient to find the registrar for a domain, but even that is a start.

Sample Cases

One of the most difficult things for new investigators is finding sample cases to work on.

  • The HoneyNet Project has several forensics challenges online. These include the "Scan of Month", "The Reverse Challenge," and "The Forensic Challenge." The last one asked entrants to examine a complete RedHat Linux system for information. All of these challenges include complete solutions.

Web Page Archives

Web page archives can give the investigator a look at what a web page used to look like. The most well known is the Google cache, but here are some others: