mvt
plaso
| | mvt | plaso |
|---|---|---|
| | 91 | 3 |
| Stars | 9,809 | 1,623 |
| Growth | 1.1% | 1.0% |
| Activity | 8.7 | 9.0 |
| | 7 days ago | 15 days ago |
| Language | Python | Python |
| License | GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
mvt
-
Exploiting the iPhone 4
Amnesty International released Mobile Verification Toolkit to check your phone for malware, by checking encrypted backups on your computer. https://github.com/mvt-project/mvt
-
Meduza co-founder's phone infected with Pegasus
From what I was able to read previously, it has no ability to spread by itself and has to be installed by a targeted attack. There is also a tool from Amnesty International that can detect it (or was able to): https://github.com/mvt-project/mvt
It is a race though, so past info may no longer be valid. However, I doubt it will ever be able to spread by itself, since it uses very expensive zero days to infect and they will be quickly fixed after detection.
-
NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild
Public Service Announcement:
Amnesty International has a program on GitHub with Citizens Lab for those keeping an eye out for additional protections
https://github.com/mvt-project/mvt
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
-
As recommended, I ask it here: how can I find out if my phone is being tapped, and what should I do if it is?
You can do a backup of your phone and analyze said backup using digital forensics to see if for example "automated software" will detect any of the more mainstream spyware/hacks. You can use mobile verification toolkit (mvt) to do this, but it won't detect everything. It is however a good start, you can investigate the basic results with limited knowledge and if something is detected you can further it up to a digital forensics company because it will very highly likely be beyond your qualifications to analyze by yourself. Hope this helps.
- How do I download this on iPhone
-
I don't know if I downloaded malware
I was extremely paranoid I got a virus a few months ago and I think I may have downloaded something. It's been more than half a year and just remembered that I tried to download something from here, https://github.com/mvt-project/mvt I don't know if I was even successful, I am fully updated iOS, can't find anything in files so I don't think I had it for very long and prob deleted after a while
- iOS 16.5.1 TriangleDB spyware
-
Can anyone hack my phone via sending a WhatsApp Photo? How to know it?
If you wanna check your phone, maybe try using this: https://github.com/mvt-project/mvt
- Disabling Apple from Spying on You
-
Extent of getting hacked for iPhone vs Android
If Android, this is available -- https://github.com/mvt-project/mvt
plaso
-
Custom DFIR
However, what you are trying to do has already been done. For collections look at velociraptor's offline collector https://github.com/Velocidex/velociraptor. For processing check out Log2Timeline (plaso) https://github.com/log2timeline/plaso.
-
I feel like I'm putting the cart before the horse. Noob question.
I see other folks already mentioned: think about trying to tell a story, rather than just like, looking at all the events (A tool like Plaso can help you timeline logs so you can see things chronologically which can help in telling a story about what happened across many log sources)
-
Solving a child porn case (student environment)
My advice would be to go through a timeline to assert the activity before and after these files "appeared". This can be done in log2timeline / plaso, this script can parse the raw image (or e01 or whatever you have) and build a timeline, parse it and sort it. Also look for lnk files and shellbags to see if the files were opened, used etc.
What are some alternatives?
hardened_malloc - Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
IPED - IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.
whatsapp-media-decrypt - Decrypt WhatsApp encrypted media files
timesketch - Collaborative forensic timeline analysis
WhatsDump - Extract WhatsApp private key from any non-rooted Android device (Android 7+ supported)
OpenTimelineIO - Open Source API and interchange format for editorial timeline information.
AMDH - Android Mobile Device Hardening
covid-19-germany-gae - COVID-19 statistics for Germany. For states and counties. With time series data. Daily updates. Official RKI numbers.
XiaomiADBFastbootTools - A simple tool for managing Xiaomi devices on desktop using ADB and Fastboot
velociraptor - Digging Deeper....
WebKit - Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.
srum-dump - A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.