Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
|Operating Systems||OS Independent|
Release Notes: The partition-agent extension automatically adds partitions to case when a data source is set. New registry report: "Shared Folders". Minor improvements have been made.
Release Notes: This release features the new Gigatribe Agent extension, an extension to browse Gigatribe chat files. Five new registry reports have been added to the hive-report extension: Gigatribe accounts, Gigatribe download folders, Gigatribe requested passwords, Ares Search History, and Wifi Network List. Minor improvements and bugfixes have been made.
Release Notes: This release adds support for physical device's datasources. Minor improvements were made. Bugs were fixed.
Release Notes: This release features the Turing extension, an extension to handle cryptographic services. It is fully integrated to the Hive (registry) extension, so that when registry files are opened, it automatically records the user account password hashes and tests keywords such as LSA secrets, e-mail passwords, and Internet Explorer Autocomplete, among others. All hashes and passwords found are stored in an SQLite database. The Turing extension exports and imports to/from John The Ripper .pot files and to John The Ripper hash files.
Release Notes: The Partition Viewer extension provides a viewer for partition tables. The GTK-UI Treeview extension implements a treeview based on treenodes. Minor improvements have been made.