A free, community-sourced, machine-readable knowledge base of forensic artifacts
that the world can use both as an information source and within other tools.
py-bcrypt is a Python wrapper of OpenBSDs Blowfish password hashing code,
as described in A Future-Adaptable Password Scheme by Niels Provos and
David Mazieres.
dfDateTime, or Digital Forensics date and time, provides date and time
objects to preserve accuracy and precision.
Obfsproxy is a pluggable transport proxy written in Python.
This library implements Blowfish, DES, and Triple-DES.
dfVFS, or Digital Forensics Virtual File System, provides read-only access to
file-system objects from various storage media types and file formats. The goal
of dfVFS is to provide a generic interface for accessing file-system objects,
for which it uses several back-ends that provide the actual implementation of
the various storage media types, volume systems and file systems.
Oinkmaster is simple Perl script released under the BSD license to help you
update your Snort 1.9+ rules and comment out the unwanted ones after each
update. It will tell you exactly what had changed since the last update,
hence giving you good control of your rules.
Pairing-based cryptography is a relatively young area of cryptography
that revolves around a certain function with special properties.
The PBC (Pairing-Based Cryptography) library is a free C library
(released under the GNU Public License) built on the GMP library that
performs the mathematical operations underlying pairing-based
cryptosystems.
The PBC library is designed to be the backbone of implementations of
pairing-based cryptosystems, thus speed and portability are important
goals. It provides routines such as elliptic curve generation, elliptic
curve arithmetic and pairing computation. Thanks to the GMP library,
despite being written in C, pairings times are reasonable.
dfWinReg, or Digital Forensics Windows Registry, is a Python module that
provides read-only access to Windows Registry objects.
This library contains the opty2 library for dynamic generation of x86 multi-byte
NOPs. This is useful in writing exploits and encoders. It allows you to dynamic
generate variable length instruction sets that are equivalent to a No Operation
(NOP) without using the actual 0x90 bytecode. The original code was written by
Optyx and spoonm.