Digital Forensics

What is odessa?

It’s an acronym for “Open Digital Evidence Search and Seizure Architecture”.
The intent of this project is to provide a completely open and extensible suite of tools for performing digital evidence analysis as well as a means of generating a usable report detailing the analysis and any findings. The odessa tool suite currently represents more than 7 man years of labor, and consists of 3 highly modular cross-platform tools for the acquisition, analysis, and documentation of digital evidence.

In addition to the odessa tool suite, the project hosts other applications and information related to digital forensics. At this time, the list of additional tools includes a set of whitepapers and utilities authored by Keith J. Jones including Galleta, a tool for analyzing Internet Explorer cookies, Pasco, a tool for analyzing the Microsoft Windows index.dat file, and Rifiuti, a tool for investigating the Microsoft Windows recycle bin info2 file.

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project.
Currently the project manager is Nanni Bassetti.
CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.
The main design objectives that CAINE aims to guarantee are the following:

  • an interoperable environment that supports the digital investigator during the four phases of the digital investigation
  • a user friendly graphical interface
  • a semi-automated compilation of the final report

We recommend that you read the page on the CAINE policies carefully.
CAINE fully represents the spirit of the Open Source philosophy, because the project is completely open: anyone can take over the legacy of the previous developer or project manager. The distro is open source, the Windows side (Wintaylor) is open source and, last but not least, the distro is installable, which gives the opportunity to rebuild it in a brand-new version and so gives this project a long life.

http://linuxzoo.net/page/tut_caine_lab1.html

Information Systems Security


The Open Source Security Testing Methodology

http://www.isecom.org/mirror/OSSTMM.3.pdf


The Information Systems Security Assessment Framework (ISSAF) seeks to integrate the following management tools and internal control checklists:

  • Evaluate the organization’s information security policies & processes to report on their compliance with IT industry standards, and applicable laws and regulatory requirements
  • Identify and assess the business dependencies on infrastructure services provided by IT
  • Conduct vulnerability assessments & penetration tests to highlight system vulnerabilities that could result in potential risks to information assets
  • Specify evaluation models by security domains to:
      • Find misconfigurations and rectify them
      • Identify risks related to technologies and address them
      • Identify risks within people or business processes and address them
      • Strengthen existing processes and technologies
  • Provide best practices and procedures to support business continuity initiatives

Business Benefits of ISSAF

The ISSAF is intended to comprehensively report on the implementation of existing controls to support IEC/ISO 27001:2005(BS7799), Sarbanes Oxley SOX404, CoBIT, SAS70 and COSO, thus adding value to the operational aspects of IT related business transformation programmes.
Its primary value will derive from the fact that it provides a tested resource for security practitioners thus freeing them up from commensurate investment in commercial resources or extensive internal research to address their information security needs.
It is designed from the ground up to evolve into a comprehensive body of knowledge for organizations seeking independence and neutrality in their security assessment efforts.

It is the first framework to provide validation for bottom up security strategies such as penetration testing as well as top down approaches such as the standardization of an audit checklist for information policies.


The Open Web Application Security Project (OWASP) is an open-source application security project. The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and technologies. The OWASP Foundation is a 501(c)(3) charitable organization that supports and manages OWASP projects and infrastructure. It has also been a registered non-profit in Europe since June 2011.

OWASP is not affiliated with any technology company, although it supports the informed use of security technology. OWASP has avoided affiliation as it believes freedom from organizational pressures may make it easier for it to provide unbiased, practical, cost-effective information about application security. OWASP advocates approaching application security by considering the people, process, and technology dimensions.

OWASP’s most successful documents include the book-length OWASP Guide,[1] the OWASP Code Review Guide[2] and the widely adopted Top 10 awareness document.[3] The most widely used OWASP tools include their training environment,[4] their penetration testing proxy WebScarab,[5] and their .NET tools.[6] OWASP includes roughly 190 local chapters[7] around the world and thousands of participants on the project mailing lists. OWASP has organized the AppSec[8] series of conferences to further build the application security community.

OWASP is also an emerging standards body, with the publication of its first standard in December 2008, the OWASP Application Security Verification Standard (ASVS).[9] The primary aim of the OWASP ASVS Project is to normalize the range of coverage and level of rigor available in the market when it comes to performing application-level security verification. The goal is to create a set of commercially workable open standards that are tailored to specific web-based technologies. A Web Application Edition has been published. A Web Service Edition is under development.

The OWASP Top Ten Project
The Release Candidate for the OWASP Top 10 for 2013 is now available here: OWASP Top 10 – 2013 – Release Candidate

The OWASP Top 10 – 2013 Release Candidate includes the following changes as compared to the 2010 edition:

  • A1 Injection
  • A2 Broken Authentication and Session Management (was formerly A3)
  • A3 Cross-Site Scripting (XSS) (was formerly A2)
  • A4 Insecure Direct Object References
  • A5 Security Misconfiguration (was formerly A6)
  • A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection)
  • A7 Missing Function Level Access Control (renamed/broadened from former A8 Failure to Restrict URL Access)
  • A8 Cross-Site Request Forgery (CSRF) (was formerly A5)
  • A9 Using Known Vulnerable Components (new but was part of former A6 – Security Misconfiguration)
  • A10 Unvalidated Redirects and Forwards

Please review this release candidate and provide comments to dave.wichers@owasp.org or to the OWASP Top 10 mailing list (which you must be subscribed to). The comment period is open from Feb 16 through March 30, 2013 and a final version will be released in May 2013.

If you are interested, the methodology for how the Top 10 is produced is now documented here: OWASP Top 10 Development Methodology

OWASP Appsec Tutorial Series

Uploaded on Jan 30, 2011
The first episode in the OWASP Appsec Tutorial Series. This episode describes what the series is going to cover, why it is vital to learn about application security, and what to expect in upcoming episodes.

Uploaded on Feb 8, 2011
The second episode in the OWASP Appsec Tutorial Series. This episode describes the #1 attack on the OWASP top 10 – injection attacks. This episode illustrates SQL Injection, discusses other injection attacks, covers basic fixes, and then recommends resources for further learning.

Uploaded on Jul 11, 2011
The third episode in the OWASP Appsec Tutorial Series. This episode describes the #2 attack on the OWASP top 10 – Cross-Site Scripting (XSS). This episode illustrates three versions of an XSS attack: high level, detailed with the script tag, and detailed with no script tag, and then recommends resources for further learning.

Published on Sep 24, 2012
The fourth episode in the OWASP Appsec Tutorial Series. This episode describes the importance of using HTTPS for all sensitive communication, and how the HTTP Strict Transport Security header can be used to ensure greater security, by transforming all HTTP links to HTTPS automatically in the browser.


DEFT 7 is based on the new Kernel 3 (Linux side) and the DART (Digital Advanced Response Toolkit) with the best freeware Windows Computer Forensic tools. It’s a new concept of Computer Forensic system that uses LXDE as its desktop environment, WINE to execute Windows tools under Linux, and mount manager as its tool for device management.

It is a very professional and stable system that includes excellent hardware detection and the best free and open source applications dedicated to Incident Response, Cyber Intelligence and Computer Forensics.

DEFT is meant to be used by:

  • Military
  • Police
  • Investigators
  • IT Auditors
  • Individuals

DEFT is 100% made in Italy

rooting

Is the allure of being a superuser tempting you? Android rooting opens up a world of possibility, but it can also void your warranty, or even leave you with a bricked device. The important thing is to be careful. Read up about what you are going to do before you begin. Make sure that you back up your data. Follow the instructions to the letter. Manufacturers and carriers have a vested interest in dissuading you from rooting. If you’re careful, the risk is minimal, and the potential benefits are impressive. Let’s take a closer look.

Around since the early days of the T-Mobile G1 (HTC Dream), rooting can add functionality to a phone and often extend the life of the device. The T-Mobile G1, for instance, was officially supported through Android 1.6 Donut, but if you rooted the phone, you could load an alternative developer-made version of the OS that offered most of Android 2.2 Froyo’s features.

I’m going to share some of rooting’s benefits and risks, where to find some great replacements for the default Android OS, and a few other tips. If you have any of your own that I haven’t covered here, please add them to the comments below.

What is rooting?

Rooting, in a nutshell, is the process that provides users with full administrator control and access to an Android smartphone or tablet. Similar to “jailbreaking” an iOS device, this is often done in order to bypass carrier or handset maker limitations or restrictions. Once you achieve “root access,” you can replace or alter applications and system settings, run specialized apps, and more.

One of the more common reasons to root a phone is to replace the operating system with a ROM, another developer’s version of the OS that also gives you more control over details. In rooting culture, we’d call that “flashing a custom ROM.”

The process of rooting an Android phone varies for each device, but seems to have been streamlined over time. Google’s Nexus line of phones, such as the LG-made Nexus 4, appeals to developers and techie types and is among the most often rooted models. With that in mind, you’ll also find that popular devices like the Samsung Galaxy S3 and HTC One X+ have plenty of custom ROMs to choose from.

Note that rooting will void the device warranty; however, flashing a stock ROM can revert things back to their original state.

Why root?

There are multiple reasons for you to consider rooting your Android handset, some more obvious than others. Chief among the benefits is the ability to remove any unwanted apps and games that your carrier or phone maker installs before you ever unwrap your phone. Rather than simply disabling these bloatware titles, which is often the best you can do within Android, rooting can grant you a full uninstallation. Deleting apps you’ll never use can also free up some additional storage capacity.

Another main benefit of rooting is to enable faster platform updates. From the time it takes for Google to announce a new version of Android to the time your carrier pushes it to your device can be on the order of weeks, months, or even longer. Once rooted, you can often get some of the new platform features through custom ROMs in short order. This could, for some users, add years of life to an Android handset — rather than buy a new phone, flash a new ROM.

Other reasons to root a phone include being able to perform complete device backups, integrate tethering and mobile hot-spot features, and extend the device’s battery life through newfound settings and controls.

What are the risks?

As I mentioned above, rooting your device can void your warranty. This is perhaps the biggest risk associated with playing around with your phone. If you run into big trouble and you’ve added a custom ROM build, your manufacturer and carrier likely won’t help you out.

In most cases, you’ll be able to overturn any ROM you flash, returning to the phone’s stock Android OS with as much ease as you installed the new ROM in the first place. However, a word of caution. If you’re not careful, or don’t follow the steps properly, you could end up with a glorified paperweight. Yes, I’m talking about “bricking” your device. It’s vitally important that you exercise caution when attempting to root your phone and pay close attention to what you’re doing.

Stick to the more reputable sources for help and feedback, and look for the most recent news about ROMs and your particular Android device. Along those lines, you’ll also want to ensure that you read through everything you can before starting down this road. If you’re in a forum thread, skim the replies to see if there are issues or problems with your particular handset.

Helping hands

For help with rooting, I would first recommend XDA developers, AndroidCentral forums, Androidforums, and Rootzwiki. I also suggest checking Google+ as a good source for rooting and modding news and feedback. The rooting scene is not some secret underground Fight Club; you’ll find plenty of documented help for rooting your phone. Filter your results by date, read through the details, and understand what it is you are about to do.

CyanogenMod is one of the oldest and feature-rich ROMs available. (Credit: CyanogenMod)

More about ROMs

For all practical purposes, (custom) ROMs are replacement firmware for Android devices that provide features or options not found in the stock OS experience. Often built from the official files of Android or kernel source code, there are more than a few notable ROMs to consider. Among the more popular custom ROMs are CyanogenMod, Paranoid Android, MIUI, and AOKP (Android Open Kang Project). There are, of course, countless others to check out, with more arriving almost daily.

In terms of sheer support and development, CyanogenMod is the clear leader in this field. The number of supported devices is unparalleled and the community has long rallied around this ROM. This is not meant to say that it’s necessarily the “best” ROM; beauty is in the eye of the beholder.

Closely resembling the stock Android experience, CyanogenMod has been known to introduce features that later end up in official builds of Android. As of today there are more than 4.2 million active installations of CyanogenMod releases, with v10.1 (based on Android 4.2 Jelly Bean) being the latest.

Paranoid Android is one of the more popular custom ROMs for Android. (Credit: Paranoid Android)

Where to look for ROMs

Forums are going to be a great place to keep yourself plugged in, but the larger ROM developers will provide their own Web sites. Aside from the aforementioned custom ROMs, others that have gained a strong following include SynergyROM, Slim Bean, LiquidSmooth, RevoltROM, and Xylon. Be warned: talking about ROMs can often result in heated debate as to which is better or offers more options.

Noteworthy apps

Aside from installing custom ROMs, rooting your phone opens the door to installing new apps and gaining extended device management and security functionality beyond what comes with the usual Android OS experience.

Should you decide to not load a new ROM interface, you can still install apps that add new levels of functionality to your rooted Android phone. Today’s more popular titles include ROM Toolbox Pro, Titanium Backup, Touch Control, Cerberus anti-theft, and SetCPU. The appeal of each will vary depending on how much you want to tweak your Android experience.

For those of you who plan to flash ROMs on a regular basis, I recommend starting with ROM Manager. This utility lets users manage backups and recoveries, install ROMs, and perform other handy functions. While it is available as a free app, the premium client has ROM update notifications, nightly ROM downloads, automatic backups, and other features.

ROM Toolbox Pro is a handy utility for rooted users. (Credit: JRummy Apps)

Backup plans

When it comes to rooting your phone, it is always a good idea to have backup plans in place. After all, you’ll need something to fall back on should you run into an issue with an untested or experimental ROM. While Titanium Backup seems to be the most popular, Carbon has gained quite a fan base of late. Regardless of which route you take, it’s important to create a backup and test it before you apply a custom ROM.

Become familiar with the process and make sure that you’ll be able to restore things in the event of a catastrophe. It might take some practice and you could spend more time than you’d like creating this backup, but it could be all that stands between you and expensive phone repair.

Indeed, there is plenty to consider when it comes to rooting your Android phone. Rest assured, though, that no matter how daunting the task might seem, there’s a large community of users out there who will have your back. And while the actual rooting process varies with each handset model, on the whole, it isn’t as difficult as it may sound.

If you’ve read through this post and still don’t know if rooting is for you, my suggestion is to give it more time and mull it over. Replacing the default Android OS certainly isn’t for everyone and there’s quite a bit more on the topic besides. For many people, myself included, the rewards of tweaking your Android phone to have it exactly the way you want it are worth the risk.

What is rooting?

If you’re an Administrator on a Windows machine, you have access to the entire operating system and you can do whatever you like. That’s essentially what happens if you root your Android device. With root access, you can get around any restrictions that your manufacturer or carrier may have applied. You can run more apps; you can customize your device to a greater degree; and you can potentially speed it up in a variety of ways.

The process involves backing up your current software and then flashing (installing) a new custom ROM (modified version of Android).

Why would you root?

One of the most obvious incentives to root your Android device is to rid yourself of the bloatware that’s impossible to uninstall. You’ll be able to set up wireless tethering, even if it has been disabled by default. You can also access your entire file system, install special apps that require root, and flash custom ROMs, which can add extra features and streamline your phone or tablet’s performance. A lot of people are tempted by the ability to completely customize the look of their phones. You can also manually accept or deny app permissions.

You won’t find a lot of amazing must-have apps when you root, but there are enough to make it worthwhile. For example, some apps allow you to automatically back up all of your apps and all of their data, completely block advertisements, create secure tunnels to the Internet, overclock your processor, or make your device a wireless hotspot.

Why wouldn’t you root?

There are essentially three potential cons to rooting your Android.

  • Voiding your warranty: Some manufacturers or carriers will use rooting as an excuse to void your warranty. It’s worth keeping in mind that you can always unroot. If you need to send the device back for repair, simply flash the original backup ROM you made and no one will ever know that it was rooted.
  • Bricking your phone: Whenever you tamper too much, you run at least a small risk of bricking your device. This is the big fear everyone has. The obvious way to avoid it happening is to follow instructions carefully. Make sure that the guide you are following works for your device and that any custom ROM you flash is designed specifically for it. If you do your research and pay attention to feedback from others, bricking should never occur.
  • Security risks: Rooting may introduce some security risks. Depending on what services or apps you use on your device, rooting could create a security vulnerability. For example, Google refuses to support the Google Wallet service for rooted devices.

How to root your Android

Before you actually try to root your device, make sure that you do some reading. The best place to find discussions about rooting, guides, and custom ROMs is definitely the XDA Developers Forum. Look for a thread on your specific device and you’re sure to find a method that has worked for other people. It’s worth spending some time researching the right method for your device.

Preparation for root

You’ll want to ensure that your device is fully charged before you begin. You’ll also need to turn USB debugging on. On the Galaxy S3 you’ll find it in Menu > Settings > Developer options and then check the box next to USB debugging. You will likely be plugging your device into your computer in order to root it.

Most Android rooting methods require you to install some software on your computer. It’s likely you’ll need to install the Android SDK. You may find other software is required. Make sure you follow the instructions and install all of it before proceeding.

One-click rooting

One of the easiest methods of rooting, which also supports a long list of devices, is SuperOneClick. You’ll find clear instructions, including a video, on how to use it at this XDA Developers SuperOneClick thread.

You will need to install some software to prepare, but the actual rooting process is one click. It will only take a few minutes to complete and then you’ll need to restart your Android device.

There is software out there that claims to provide one click rooting with no extra installs, but you should not have to pay to root your device and it’s very important to be wary about the method you choose. If in doubt, do more research. The XDA Developers forum is the most trustworthy source for rooting guides.

Your specific device

The reason rooting isn’t more straightforward is that all Android devices are not created equal. There are significant differences between Android smartphones, between manufacturers, and even between carrier specific versions of the same phone model. Make sure that any rooting guide or custom ROM you intend to use does support your specific device or you are asking for trouble.

Once you have found the right guide for your phone or tablet, it’s simply a case of working through the listed steps methodically. It can be a complicated procedure and it can take a while. Here’s an example guide for rooting the Samsung Galaxy S3. It can appear intimidating at first glance, but provided you follow it step-by-step, it should be a pain-free process. You can post questions in the XDA Developers forum if you run into trouble.

To root or not to root

Gaining full root access to your Android device can be thrilling, especially if you want to tinker with settings and customize your device. How much it changes your experience depends largely on the device you have. If you have a shuttered device, like a Kindle Fire tablet, then it’s a great way to get the full Android experience.

The potential benefits for all Android users include improved battery life, root-only apps, custom ROMs, overclocking, an end to bloatware, improved performance, and the ability to upgrade your phone when you want. If you aren’t excited at the prospect of any of these things, rooting probably isn’t for you.

Read more: http://www.digitaltrends.com/mobile/how-to-root-android/#ixzz2VG0X985Z

Android SDK

Android software development is the process by which new applications are created for the Android operating system. Applications are usually developed in the Java programming language using the Android Software Development Kit, but other development tools are available. As of October 2012, more than 700,000 applications have been developed for Android, with over 25 billion downloads.[2][3] Research from June 2011 indicated that over 67% of mobile developers used the platform at the time of publication.[4] In Q2 2012, around 105 million Android smartphones were shipped, accounting for a total share of 68% of overall smartphone sales up to Q2 2012.[5]

The ADT Bundle provides everything you need to start developing apps, including a version of the Eclipse IDE with built-in ADT (Android Developer Tools) to streamline your Android app development. If you haven’t already, go download the Android ADT Bundle. (If you downloaded the SDK Tools only, for use with an existing IDE, you should instead read Setting Up an Existing IDE.)

Install the SDK and Eclipse IDE

  1. Unpack the ZIP file (named adt-bundle-<os_platform>.zip) and save it to an appropriate location, such as a “Development” directory in your home directory.
  2. Open the adt-bundle-<os_platform>/eclipse/ directory and launch eclipse.

That’s it! The IDE is already loaded with the Android Developer Tools plugin and the SDK is ready to go. To start developing, read Building Your First App.

Caution: Do not move any of the files or directories from the adt-bundle-<os_platform> directory. If you move the eclipse or sdk directory, ADT will not be able to locate the SDK and you’ll need to manually update the ADT preferences.

Additional information

As you continue developing apps, you may need to install additional versions of Android for the emulator and other packages such as the library for Google Play In-app Billing. To install more packages, use the SDK Manager.

Everything you need to develop Android apps is on this web site, including design guidelines, developer training, API reference, and information about how you can distribute your app. For additional resources about developing and distributing your app, see the Developer Support Resources.

There is a community of open-source enthusiasts that build and share Android-based firmware with a number of customizations and additional features, such as FLAC lossless audio support and the ability to store downloaded applications on the microSD card.[42] This usually involves rooting the device. Rooting allows users root access to the operating system, enabling full control of the phone. In order to use custom firmwares the device’s bootloader must be unlocked. Rooting alone does not allow the flashing of custom firmware. Modified firmwares allow users of older phones to use applications available only on newer releases.[43]

Those firmware packages are updated frequently, incorporate elements of Android functionality that haven’t yet been officially released within a carrier-sanctioned firmware, and tend to have fewer limitations. CyanogenMod and OMFGB are examples of such firmware.

On 24 September 2009, Google issued a cease and desist letter[44] to the modder Cyanogen, citing issues with the re-distribution of Google’s closed-source applications[45] within the custom firmware. Even though most of Android OS is open source, phones come packaged with closed-source Google applications for functionality such as the Android Market and GPS navigation. Google has asserted that these applications can only be provided through approved distribution channels by licensed distributors. Cyanogen has complied with Google’s wishes and is continuing to distribute this mod without the proprietary software. He has provided a method to back up licensed Google applications during the mod’s install process and restore them when it is complete.[46]

The NDK is a toolset that allows you to implement parts of your app using native-code languages such as C and C++. For certain types of apps, this can be helpful so you can reuse existing code libraries written in these languages, but most apps do not need the Android NDK.

Before downloading the NDK, you should understand that the NDK will not benefit most apps. As a developer, you need to balance its benefits against its drawbacks. Notably, using native code on Android generally does not result in a noticeable performance improvement, but it always increases your app complexity. In general, you should only use the NDK if it is essential to your app—never because you simply prefer to program in C/C++.

Typical good candidates for the NDK are self-contained, CPU-intensive operations that don’t allocate much memory, such as signal processing, physics simulation, and so on. When examining whether or not you should develop in native code, think about your requirements and see if the Android framework APIs provide the functionality that you need.


MobileGo is a life saver for those who love music and video, text a lot and juggle apps on their Android phones and tablets.

  • Android Fans: Back up everything to PC with 1 click & retain 100% quality.
  • Music Lovers: Instantly add fun stuff and enjoy media anytime, anywhere.
  • App Addicts: Download, install, uninstall and export apps quickly and easily.
  • Socialites: Transfer contacts from/to Outlook and send & reply SMS seamlessly from your PC.

The Android 3.1 platform (also backported to Android 2.3.4) introduces Android Open Accessory support, which allows external USB hardware (an Android USB accessory) to interact with an Android-powered device in a special “accessory” mode. When an Android-powered device is in accessory mode, the connected accessory acts as the USB host (powers the bus and enumerates devices) and the Android-powered device acts as the USB device. Android USB accessories are specifically designed to attach to Android-powered devices and adhere to a simple protocol (Android accessory protocol) that allows them to detect Android-powered devices that support accessory mode.[22]