Does anyone know where to obtain known good and known bad hash sets. I have done some research and have found hashkeeper, and the DOJ, NDIC but am having trouble obtaining these hash sets. Any info?
Does anyone know where to obtain known good and known bad hash sets.
Of what?
Since you didn't specify OSs or anything, places to start (15 secs on Google)
http//
http//
Recommendation, If your working with the NIST hashes I recommend converting then in Linux using comand line, as the files are massive. That way you can sort out the duplicated hashes.(if you want all as a whole).
If your looking for the Known Victim Database Hashes you probably will not get ahold of the md5 or sha1 hashes unless your law enforcement
(I tried calling around for my md5 database program no luck there)
I would also recommend using Nists Utility to separate all the hashes by OS as that will make processing alot easier.
Are you trying to sort out what is benign and what is potential evidence, or what is known evidence?
edit*
After working with FTK 1.7 and 2.0 I believe it may have the known Vic database built in to thier program Not sure though.