Here is a list of tools that we created over time. For more information about the actual implementation or collaboration, see the corresponding publication (c+p the title(s) into the search):
mrsh & co.
mrsh_cuckoo (last update 2015/04/10) |
is a similiartiy hashing / approximate matching tool equal to mrsh-net but uses Cuckoo filter instead of Bloom filter. This increases runtime efficiency and needs less memory. |
mrsh_net (last update 2014/11/12) |
is the network implementation of mrsh-v2 which has a single huge Bloom filter for the signature. |
mrsh_v2.0 (last update 2013/10/04) |
is the original similarity hashing tool that allows to compares files / folders with each other. |
Further tools & data
FRASH_v1.01 (last update 2013/02/19) |
is a testing framework for approximate matching algorithms. Special thanks to Georgios Stivaktakis for the development and Edward Raff for the installations instructions. |
Tool x86 / Tool x64 (last update 2013/02/19) |
an application that allows direct network-based communication with the Programable Logic Controller GE Fanuc Series 90-30 (no intermediate server is needed). Note, in contrast to what is mentioned in the publication, we removed the write functionality for security reasons. |
Timeline2GUI-Tool
Training Cases |
Timelin2GUI Tool and the training cases (three test cases to practice Log2Timeline). To check for updates, please see the corresponding github page. |
Digital Forensics Tool Table (last update 2020/06/11) |
is a list of forensics tools identified while reviewing almost 800 research articles from various digital forensic venues (2014-2019). |
Estimate Levenshtein Distance (last update 2021/10/14) |
is a tool (written in GoLang) that can estimate the Levenshtein Distance (LD) between two or more documents and is significantly faster than the original LD as it works on compressed signatures. |