Pinned Repositories
AI
some little scripts of machine learning and genetic algorithms
crypto
# rsa_nb vigenere_nb Python programs for didactic use only just for explaining the basic working and rules of RSA and Vigenere algorithm
dbdec
DBCrack By Francesco Picasso - April 30, 2017 - Lazarus GUI for Windows by Nanni Bassetti (www.nannibassetti.com). DropBox decryptor
Imm2Virtual
This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, directly with VirtualBox, forensically proof.
nbtempo
This is a GUI (Graphical User Interface) Bash script for making files timelines and reporting them in CSV (electronic sheet) format. It needs TSK (The SleuthKit) and YAD (Yet Another Dialog).(TSK based) - digital forensics
NBTEMPOW
NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf,physicaldrive, etc.). It uses TSK (The Sleuthkit) and it has been developed with Lazarus V. 1.6.2 ( Delphi compatible cross-platform IDE for Rapid Application Development). It runs only in Windows. If the device image file is splitted, you can select just the first chunk.
Raw2FS
Bash script for computer forensics - It's possible to resolve the file name starting from the carved file name generated by the Foremost tool and save it, it generates an HTML report. It's possible to resolve the file name starting from the offset of a "grep" keywords search. The tool identifies automatically the change of the partition and, if the keyword is contained into the slack space, saves the sector/cluster/block where it is. (remember that for fat -> sector, ntfs -> cluster, ext2/3 -> block) (The SleuthKit based)
txcomp
A simple script to compare two ASCII texts
USBnLnk
This program can correlate the dates of USB mass device connections with recent files and export a report in CSV format
xall
This is a forensic data and file extractor from devices and image files. sudo ./xall_1.x.x.sh for running it. It mounts a DD/EWF image files or devices (e.g. /dev/sdb); it copies all the allocated files, it extracts all deleted files and the slack space; It makes a data carving on the free space only. You can choose each type of extraction. It uses a GUI made with YAD (Yet Another Dialog), so it's simple and fast to use. You need: Don't use blank spaces in the image filename! YAD XMount The Sleuthkit (latest release) Photorec MD5Deep
nannib's Repositories
nannib/Imm2Virtual
This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, directly with VirtualBox, forensically proof.
nannib/crypto
# rsa_nb vigenere_nb Python programs for didactic use only just for explaining the basic working and rules of RSA and Vigenere algorithm
nannib/NBTEMPOW
NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf,physicaldrive, etc.). It uses TSK (The Sleuthkit) and it has been developed with Lazarus V. 1.6.2 ( Delphi compatible cross-platform IDE for Rapid Application Development). It runs only in Windows. If the device image file is splitted, you can select just the first chunk.
nannib/Raw2FS
Bash script for computer forensics - It's possible to resolve the file name starting from the carved file name generated by the Foremost tool and save it, it generates an HTML report. It's possible to resolve the file name starting from the offset of a "grep" keywords search. The tool identifies automatically the change of the partition and, if the keyword is contained into the slack space, saves the sector/cluster/block where it is. (remember that for fat -> sector, ntfs -> cluster, ext2/3 -> block) (The SleuthKit based)
nannib/xall
This is a forensic data and file extractor from devices and image files. sudo ./xall_1.x.x.sh for running it. It mounts a DD/EWF image files or devices (e.g. /dev/sdb); it copies all the allocated files, it extracts all deleted files and the slack space; It makes a data carving on the free space only. You can choose each type of extraction. It uses a GUI made with YAD (Yet Another Dialog), so it's simple and fast to use. You need: Don't use blank spaces in the image filename! YAD XMount The Sleuthkit (latest release) Photorec MD5Deep
nannib/nbtempo
This is a GUI (Graphical User Interface) Bash script for making files timelines and reporting them in CSV (electronic sheet) format. It needs TSK (The SleuthKit) and YAD (Yet Another Dialog).(TSK based) - digital forensics
nannib/USBnLnk
This program can correlate the dates of USB mass device connections with recent files and export a report in CSV format
nannib/dbdec
DBCrack By Francesco Picasso - April 30, 2017 - Lazarus GUI for Windows by Nanni Bassetti (www.nannibassetti.com). DropBox decryptor
nannib/ks
This is a keywords searching tool.
nannib/AI
some little scripts of machine learning and genetic algorithms
nannib/imgmount
For forensic mounting DD/EWF image file or a block device - Linux bash script. It needs TSK (The Sleuthkit) and XMount and YAD (Yet Another Dialog)
nannib/txcomp
A simple script to compare two ASCII texts
nannib/audiodf
This program can detect if an audio message is a Deep Fake or it is genuine
nannib/myconn
It's a program to list all your network connections (in Windows OS) and to discover the process that is creating them. This program makes a report in which there are also the IP locations.