Computer crime forensics resources

AccessData Known best for their Password Recovery Toolkit. AccessData's site offers information about this and other security related tools and you will find several free tools here. Also you will find several articles and links regarding cryptography and related subjects.
Digital Intelligence, Inc Digital Intelligence designs and builds computer forensic software and hardware. They also offer free forensic utility software for law enforcement.
Fred Cohen & Associates (ForensiX) This site is full of network security and information warfare articles and white papers. Fred Cohen is one of the most recognized, respected, and requested names in information protection today. Mr. Cohen has created a comprehensive forensic examination tool called ForensiX for the linux platform. Information about ForensiX.
Guidance Software The creators of the popular GUI based Forensic tool EnCase. Besides information regarding their EnCase forensic tool there is a bulletin board with a number of forums relating to their products and computer forensics.
ILook's Home Page ILook Image Investigator © is a forensic software tool. It is designed to allow an investigator to access the partition file system(s) on forensic images created by many of the best known forensic imaging systems.
Maresware - Danny Mares Danny Mares has been authoring computer forensic tools for law enforcement for many years. This site provides access to all his tools as well as a number of articles and papers relating to computer foernsics. Information regarding Danny Mares computer forensic training can also be found here.
NTI - Computer Evidence Leaders NTI has a comprehensive suite of comuter forensic tools which have been used by law enforcement for many years. There are also many very good articles concerning technical and legal issues surrounding computer forensics.
Sydex WWW Home Page Recently bought by NTI, Inc. this is the home of one of the most used Imaging tools, Safeback. Also tools for imaging and analyzing diskettes, TeleDisk, AnaDisk, and CopyQM can be found here.
USSS&IACP Digital Evidence Best Practices. The on-line verion of IACP & USSS's - Best Practices For Seizing Electronic Evidence booklet.
WetStone Technologies, Inc. WetStone Technologies is a developer of Information Security Technologies. This site includes some excellent technical papers concerning Advancing Crime Sceen Computer Forensics, Time Lining Computer Evidence, Using SmarCards and Digital Signatures to Preserve Electronic Evidence among others.
U.S. Code Search Search the United States Code - This database is a consolidation and codification by subject matter of the general and permanent laws of the United States. The Office of the Law Revision Counsel of the U.S. House of Representatives prepares and publishes the United States Code.
CCCIPS Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of DOJ. This site contains many articles and papers relating to the legal and policy issues surrounding computer crime. Among the many resources at this site is the Federal Guidlines for Searching and Seizing Computers.
Cornell Law School Legal Information Institute A comprehensive source of state and federal laws. Not only are current federal and state laws available here but also recent court opinions and current legal studies.
Online Services List A great resource!! This list is maintained by James Nerlinger, Jr and contains a variety of ISPs and similar information services, specifically, contacts at the legal departments for service of subpoenae, court orders, and search warrants.
Hale's HIW: Partition Tables All About Partition Tables and Sectors and FDISK - A very complete description of how partition tables work.
The PC Guide! On outstanding resource! This site was created to be a comprehensive, general resource on IBM-compatible personal computers. You will find high-level descriptions of how a computer works, comprehensive technical information on the functioning various parts of a modern PC, detailed information on system care, protecting your system from viruses, and backups, both general and specific information on troubleshooting and repairing PCs, system optimization information that can help you easily get more from your existing machine, specific procedures for performing hardware and software tasks on your PC, references to many other hardware and software web pages.
Motherboard HomeWorld This site provides up-to-date and relevant motherboard technology information including news, reviews, specifications, and tips.
Operating Systems Tutorial An outstanding tutorial on the PC boot process.
The Tech Page, Hard Drive Jumpers and Specifications The database at this site holds jumpers and specifications on thousands of hard drives from hundreds of manufacturers! This site provides a huge list of cable, connector, and adapter pinouts with diagrams. A great resource when dealing with cables and connectors.
Complete illustrated Guide to the PC Hardware This site is a great resource! An extremely comprehensive and detailed technical guide to Intel 86x based hardware and operating systems.
Western Digital Corporation's Technolgy Library The Technology Library contains technology papers, installation guides, specification sheets, technical reference manuals, general information sheets, and more.
Wim's BIOS Page Another great resource! This site has just about everything you want to know about the PC BIOS. Plus utilities and links to the major BIOS manufacturer sites.
Win98 Central An excellent site for news, articles, reviews, and utilities for Windows98 and Intell base hardware. An outstanding source! Provides access to an extremely comprehensive list of current hardware drivers for your Win NT/9x systems. Including drivers for printers, cdroms, modems, sound cards, mice, monitors, etc. This site also has utility software, tech tips, and tutrials available.
FLETC/Financial Fraud Institute FLETC and the Financial Fraud Institue offer several extensive courses in both computer forensics and computer crime investigations.
HTCIA International HTCIA is one of the primary sponsers of this symposium. HTCIA was created to encourage, promote, aid, and effect the voluntary interchange of data, information, experience, and knowledge about methods, processes regarding high tech crime. HTCIA offers many training seminars and symposiums to find out about them check out this web site.
IACIS IACIS is an international volunteer non-profit corporation composed of law enforcement professionals dedicated to education in the field of forensic computer science. IACIS is dedicated to the education and certification of law enforcement professionals in the filed of computer forensic science.
NCTP: Training The National Cybercrime Training Partnership (NCTP) currently offers training in Basic Data Recovery and Analysis. NCTP is also the sole authorized distributor of the "Cyber Crime Fighting Tape." You may obtain additional information on the tape and who may order the tape by accessing the hyperlink at the top of this page.
SEARCH Training The SEARCH National Technical Assistance and Training Program provides comprehensive, hands-on training to local, state and federal agencies on computer technology issues with criminal justice applications, including several courses specific to computer crime and computer forensics.
The Institute of Police Technology & Management The Institute of Police Technology and Management offers "The Computer Crime Investigations Course" a (CCIC-Level 1) this course is designed to train municipal, county, state and federal law enforcement investigators in the basics of computer crime investigation.
Goverment & Law Enforcement
DOD's Computer Forensics Laboratory Baltimore City PD
FBI's Washington Field Office Infrastructure Protection and Computer Intrusion Squad Fairfax County, Va. PD
Federal Trade Commission Maryland State Police
JUSTNET - National Law Enforcement and Corrections Technology Center Metropolitan Police Department, Washington, DC
NSA Montgomery County, MD PD
U.S. Customs Service Prince George's County, MD PD
U.S. Postal Inspection Service Richmond, Va. PD
United States Secret Service Virginia State Police
Information Research
File Extensions File extensions are often used to determine the program that created the file. While there is no guarantee users will not rename files and/or associate odd extensions with particular programs, this site lists some fairly standard associations.
What Is...every file format in the world This is a list of file name extensions or suffixes that indicate the format or usage of a file and a brief description of that format.
Wotsit's Format This site contains file format information, including header/foot signatures, on hundreds of different file types and all sorts of other useful programming information; algorithms, source code, specifications, etc.
Cryptography & Steganography
Counterpane Labs An outstanding site about cryptography containing numerous technical papers about the subject. Free tools can also be found here. Counterpane Labs is the research arm of Counterpane Internet Security, Inc. Counterpane Internet Security, Inc. offers leading-edge expertise in the fields of 24x7 intrusion detection and prevention, preemptive threat discovery, forensic research, and organizational IT systems analysis.
Steganalysis - Attacks against Steganography and Watermarking - Countermeasures An excellent site about Steganography and Steganalysis. Includes white papers on steganalysis and countermeasures among other things.
Network & Information Security
AntiCode A very comprehensive library of network exploits.
AntiOnline - Computer Security - Hacking & Hackers This site is all about network security and hacking.
CERT® Coordination Center CERT Coordination Center, studies Internet security vulnerabilities, provide incident response services to sites that have been the victims of attack, publishes a variety of security alerts, research security and survivability in wide-area-networked computing, and develop information to help you improve security at your site.
CIAC Security Website Department of Energy's CIAC provides incident response services. This site contains many tools and much information regarding network security and intrusions.
CSI/FBI Computer Crime and Security Survey The "Computer Crime and Security Survey" is conducted by CSI with the participation of the San Francisco Federal Bureau of Investigation (FBI) Computer Intrusion Squad. The aim of this effort is to help raise the level of security awareness as well as determine the scope of computer crime in the United States.
The Cyberlaw Encylopedia A helpful catalog of cybercrimes with related information, case citations, and other resources.
ICSA 2000 - Library A library or papers and information about network security.
Infowar This is Winn Schwartau's site and is very comprehensive.
Information Warfare, I-War, IW, C4I, Cyberwar This page will help you increase your understanding of information warfare - You will find a huge number of links to sites about all aspects of Information Warfare.
L0pht Heavy Industries Creators of Back Orifice and L0phtCrack this site has several tools and lots security and hacker related information.
NIPC The National Information Protection Center. The mission of the NIPC is both a national security and law enforcement effort to detect, deter, assess, warn of, respond to, and investigate computer intrusions and unlawful acts, both physical and "cyber," that threaten or target our critical infrastructure. You will find network security advisories, alerts, and warnings here as well as timely information on cyber vulnerabilities, hacker exploit scripts, hacker trends, virus information.
Rootshell This site is filled with news, documentation, and code about network exploits.
SANS SANS is a research and education organization where many system administrators, computer security professionals, and network administrators share information. SANS offers training, courses and newsletters on a variety of topics related to computer security.
SARC An excellent site concerning computer viruses. At Symantec's Anti-Virus Research Center not only will you find a complete list and description of computer viruses and hoaxes here. You can conduct and on-line virus and security check as well. You will also find many excellent white papers on the subject of computer viruses.
2600: The Hacker Quarterly The URL name says it all.
Search engines & "whois" - Search any domain name in the world! If a "whois" database does not exist for a particular domain name, a Root Name Server query will check the domain's availability
APNIC Whois Search Search the Asia Pacific Whois Database
ARIN: Whois SearcheARIN’s database to locate information on networks, autonomous system numbers (ASNs), network-related handles, and other related Points of Contact (POCs). Search Usenet Newsgroups
Dogpile The Dogpile metasearch interface takes a single query and processes it so that you will get the maximum benefit from your search. They currently support many of the webs most popular search tools.
Freeality Internet Search Engines This site provides an interface to hundreds of Internet Search Engines.
The Internet Sleuth This site is a collection of over 900 searchable databases on the Internet on a wide variety of subjects
NIPRNET Search the DOD Whois Database
Ripe Whois Search the European Whois Database This site takes a hostname or an IP address, guesses at the domain name, and then runs some whois queries to find out who owns the domain and the block of IP addresses it lives in, and traces the route packets take to the host.
The Ultimates Here you can search resources from all over the net like phone books, email directories, and trip planners. But this isn't just another list of links. The form for each resource is integrated into the site, and Javascript copies the information from one blank to another so you can use everything out there with a minimum of time and effort.
Web-based internet tools
Multiple Ping Reply Web based ping tool
Multiple Tracerout Reply Web Based tracerout tool
Network Group Services This site allows you to ping or traceroute to hosts on other networks.
Nslookup Gateway Nslookup is used to find the physical IP address where the domain name resides
Web Anonymizer Provides its users the ability to surf the web in a private and anonymous fashion
LinuxWorld LinuxWorld is a Web-only magazine that provides news and technical information about Linux and open source software
Linux Documentation Project The Linux Documentation Project is working on developing free, high quality documentation for the GNU/Linux operating system. The overall goal of the LDP is to collaborate in all of the issues of Linux documentation. This includes the creation of "HOWTOs" and "Guides". We hope to establish a system of documentation for Linux that will be easy to use and search.
REDHAT.COM -- Serving the Linux and Open Source Communities Home of one of the most popular Linux distribution. Much information on Linux can be found here. Also Red Hat's Training and Certification information is available here.