Howdy all,
The Italian Chapter is proud to release the latest version of dorothy2 (our ruby-based malware analysis framework) :).
The new features introduced by this versions are severals. A lot of work has been done on the core system, by making the whole system even more modular and customisable. A dummy webgui written in Sinatra has been also introduced, in order to let the analyst able to browse within the results.
GSoC 2011 #8 project’s goal was to add forensics features to the popular Wireshark network analyzer.
Overview Wireshark is an open source network analyzer widely used for network debugging as well as security analysis. Wireshark provides network analyzer with graphical interface as well as command line tools. Wireshark also provides network protocol decoders and support filters that allow to search through packets with keywords.
GSoC plugins extend Wireshark capabilities when Wireshark is used to analyze network traffic with security and forensic in mind.