Web Historian gives a detailed report of browser history, although it locked up repeatedly before spitting out the facts. The program needs nearly 20MBs to download, and requires a quick registration during the installation. The small, unimaginative interface cuts to the chase with two simple options: you can search by specific browser history files, or search a directory and its sub-directories.
The program froze on more than one occasion during testing, but finally came through with great results. We’re pleased to find that it supports multiple browsers: Internet Explorer, Firefox, Mozilla, Netscape Navigator, Opera and Safari. Reports can be saved in an Excel spreadsheet (comma separated or tab delimited values) or our file format of choice here, HTML pages.
Web Historian’s organizational skills are impressive. The program created a folder to place separate HTML pages for each of our indicated browsers. Free for all, this application is a great way to track the use of your PC.
Web Historian is a good learning tool for forensic engineers. The tool is small portable and fast to retrieve data.
You can find our initial post regarding the Digital Forensics Framework or DFFhere. Now, the authors have released an updated version 0.7.0, that is dedicated to Digital Forensic Research Workshop or DFRWS 2010!
“DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.“
This release adds support for BSD systems with the customary bug fixes and GUI enhancements. The API was rewritten in this release to provide mapped file system objects, allowing data identification from a very low level. Attributes on nodes were improved, so that any module can dynamically add its own attributes.
Download Digital Forensics Framework version 0.7.0here
Okay so, after our old post regarding the list of Cell Phone Forensic tools!, we thought of following it up with a list of free and open source SIM card forensics tools. Without much ado, we present you a list of SIM card forensics tools:
SIMBrush: SIMbrush is a new open-source tool which can be used to extract all observable memory (the ones that can be explored by means of standard APIs) from SIM/USIM cards compatible with T_0 protocol. This program is capable of acquiring standard and non-standard files present into every SIM card. The operation of dumping the whole set of elementary files is time consuming and the extraction time is proportional to the number of dedicated files (DFs) present in the file system. The output of program is an XML file representing the SIM/USIM card file system, which can be also referred to as the primary copy. At the moment the tool functions on the Linux platform, but it is possible recompile it on the Windows one. Download SIMBrush betahere.
pySIM: It is also called as PySIMReader. pySIM is SIM card management tool, capable of creating, editing, deleting, backup and restore operations on your SIM Phonebook and SMS records. It is also open source which works on Windows 98 and later. Download pySIM version 14here.
SIMQuery: SIMQuery is a tool that retrieves the ICCID and IMSI from a GSM SIM card. This is a simple command line based tool, which requires that you have ID-1 to Plug-in adapter card. It is compatible on Windows 95 and upwards! It is not open source. Download SIMQuery here.
UndeleteSMS: UndeleteSMS can recover deleted SMS messages from a GSM SIM card. This tool also, is compatible Windows 95 and upwards. Download UndeleteSMS here.
These are the only open source and free tools that we could find. Basically, in a SIM card forensics, you need to acquire SIM Card and analyze the following:
