±Forensic Focus Partners
±Your Account
Site Members:
 New Today: 3
|
 Overall: 35388
|
 New Yesterday: 4
|
 Visitors: 166
|
±Latest Articles
±Latest Jobs
±Latest Webinars
Back to top
Skip to content
Skip to menu
Back to top
Back to main
Skip to menu
You could create a parser in python to detect added or modified firewall rules in Windows. Each Windows OS comes with a predefined set of firewall rules. Some apps add new rules, but I would like to have a forensics tool to detect them, in an idea case with a timestamp of the change. AFAIK there is no such tool available to detect firewall rules created by malware, hackers or OS updates.
regards, Robin
_________________
--
All opinions are mine and are not necessarily the opinions of my employer.
Project ideas - Python forensics
-
Husnain - Newbie
Project ideas - Python forensics
Posted: Jan 03, 19 10:14
Hello everyone!
I will be starting a final year university project soon and I was just wondering if any of you guys could help me.
I was wondering what projects I can create with a focus on python for computer forensics? Any programs that could potentially help the community, areas that I could explore that need more research. Any ideas are most welcome!
I have thought about creating a parser for deleted SQLite records, but would like opinions on more ideas.
Any ideas are appreciated. Have a great day
I will be starting a final year university project soon and I was just wondering if any of you guys could help me.
I was wondering what projects I can create with a focus on python for computer forensics? Any programs that could potentially help the community, areas that I could explore that need more research. Any ideas are most welcome!
I have thought about creating a parser for deleted SQLite records, but would like opinions on more ideas.
Any ideas are appreciated. Have a great day
-
Bunnysniper - Senior Member
Re: Project ideas - Python forensics
Posted: Jan 03, 19 14:42
- HusnainAny ideas are appreciated.
You could create a parser in python to detect added or modified firewall rules in Windows. Each Windows OS comes with a predefined set of firewall rules. Some apps add new rules, but I would like to have a forensics tool to detect them, in an idea case with a timestamp of the change. AFAIK there is no such tool available to detect firewall rules created by malware, hackers or OS updates.
regards, Robin
_________________
--
All opinions are mine and are not necessarily the opinions of my employer.
-
pbobby - Senior Member
Re: Project ideas - Python forensics
Posted: Jan 03, 19 15:11
A tool that takes web browser history and extracts meta from website APIs.
For example, internetHX (of any browser) contains youtube video activity - extract meta based on video IDs.
Or, internetHX (of any browser) contains twitter activity, posts, retweets etc, extract data from Twitter API.
Crraigslist activity, ebay activity, general searches if you feel inclined.
And so forth - and then the output in a timeline format similar to other timeline tools out there.
_________________
Don't get baited.
For example, internetHX (of any browser) contains youtube video activity - extract meta based on video IDs.
Or, internetHX (of any browser) contains twitter activity, posts, retweets etc, extract data from Twitter API.
Crraigslist activity, ebay activity, general searches if you feel inclined.
And so forth - and then the output in a timeline format similar to other timeline tools out there.
_________________
Don't get baited.