This article is based on Footprint and their Anti-Forensics Techniques like Memory injection and Syscall Proxying, Userland Execve Technique, Syscall proxying, Exploiting Forensics Tools Bugs,Detecting Forensic Tool Activities Memory injection and Syscall Proxying In the buffer over–flow exploit attack, the attackers use buffer overflows as entry to a remote system in order to inject and run code in the address space of a running program, thereby successfully altering the victim program’s behavior. Then, the attacker
Rootkits are one of the anti-forensic techniques that attackers use to hide data, malicious files, and processes. This software is intended to hide processes that could reveal an attack from the OS itself. Rootkits allow viruses and malware to “hide in plain sight” by concealing files in ways that antivirus software might overlook them, disguising files as legitimate system files, through unlinking processes, and even hiding from detection by the OS, Rootkits themselves are not
In this article Anti-Forensics Techniques has been explained with its different topic like Trail Obfuscation, Artifact Wiping, Encryption and Program Packers this techniques etc. 1. Anti-Forensics Techniques: Trail Obfuscation Anti-Forensics Techniques Trail Obfuscation is one of the anti-forensic technique that attackers use to mislead, divert, complicate, disorient, sidetrack, and/or distract the forensic examination process. The process involves different techniques and tools, such as Log cleaners Spoofing Misinformation Backbone hopping Zombie accounts Trojan commands In this
Detecting Steganography in this article how to detect Steganography explained with it types as well as Steganography detecting files explained with the help of tools using in stegenography and data hiding in file system structures technique. Software Clues on the Computer During investigation, the investigators should first look at files, documents, software applications, and other suspicious files for clues hidden through steganography. Steganography investigators should also know about common steganographic techniques, software, tools, terminologies, and
Understand Steganalysis is the process of discovering the existence of the hidden information within a cover medium. Steganalysis is the reverse process of steganography. It is one of the attacks on information security in which an attacker, called steganalyst, tries to detect the hidden messages embedded in images, text, audio, and video carrier mediums using steganography. It determines the encoded hidden message, and if possible, it recovers that message. It can detect the message by
Anti-Forensics Techniques: Steganography, the art of hidden writing, has been in use for centuries. It involves embedding a hidden message in some transport or carrier medium and mathematicians, military personnel, and scientists have been using it. They all engage in changing the common language and transferring it through secret and hidden communication. The history of steganography dates back to the Egyptian civilization. Today, with the emergence of the Internet and multimedia, the use of steganography
In this article explained Other Password Cracking Tools which are using password recovery application and tools for cracking password. 1. L0phtCrack Source: http://www.l0phtcrack.com LOphtCrack is a password recovery or auditing application. It helps to recover lost Microsoft Windows passwords by using dictionary attacks, hybrid attacks, rainbow tables, and brute-force attacks. Features: Supports pre-computed password hashes Imports and cracks Unix password files Imports passwords from remote Windows, including 64-bit versions of Vista, Windows 7, and Unix
ZIP/RAR Password Recovery Tool: Advanced Archive Password Recovery tool recovers protection passwords or unlocks encrypted ZIP and RAR archives created with all versions of popular archivers. The tool recovers passwords for plain and self-extracting archives created with PkZip, WinZip, RAR, and WinRAR automatically or with your assistance. Features: Supports all versions of ZIP/PKZip/WinZip, RAR/WinRAR, ARJ/WinARJ, and ACE/WinACE (1.x) Supports strong AES encryption found in WinRAR and the new versions of WinZip Exploits all known vulnerabilities
Application Password Cracking Tools in this article explained different types of application tools which are using in password cracking. The application including PDF, Word, Excel, PowerPoint presentation etc. 1. Passware Kit Forensic Source: http://www.lostpassword.com This complete electronic evidence discovery solution reports all password-protected items on a computer and gains access to these items using the fastest decryption and password recovery algorithms. Features: Recovers passwords for 200+ file types and decrypts hard disks providing an all-in-one
System software password cracking refers to the process of cracking the OS and all other utilities that enable a computer to function. The system creates passwords for the software to avoid access to system files and other secured information used during the booting of the system. Following are the ways by which one can access the system: Bypassing the BIOS password Using tools to reset the admin password 1. Bypassing BIOS Passwords Basic Input Output
