Open Source Computer Forensics Application needs your help!

Sorry for the overt title, but I really need your help.

I have been developing an Incident Response, Computer Forensics application for the Windows platform.

The tool has been tentatively called “wInvestigate”, however my creativity with names is rather poor, so other suggestions would be welcome.

To better explain the function of the tool, I’ve included the following loose summary:

wInvestigate is a Windows based application specifically designed to help administrators and security consultants assess the condition of a server or workstation prior to shutting it down and obtaining a forensic image of the server (a bit copy, perfect copy using specialized software). wInvestigate is capable of performing the following functions:

  • Offline forensic preview of filesystem content (NTFS and FAT)

  • Imaging (obtain perfect copy) of Physical System Memory

  • Dump the contents of Allocated or Unallocated Files (Regular or Deleted Files)

  • Dump a listing of current processes* and system settings

  * Installed rootkits may not be detected.

The goals are simple, stay away from the typical items and terms associated with Computer Forensics and Incident Response. These would include, but are not limited to the following:

  • Detective motif (pipe, hat, fingerprint, magnifying glass)

Please keep it clean, as the image and icon will be used in a professional setting, however all software will be open source licensed, images selected should be free of copyright restrictions.

So what do I need? I need an image suitable for presentation as a splash image (similar in dimensions to the Blender Splash) and I’ll need a windows icon (.ico). The two can be similar, or not, however make sure you follow the restrictions above.

Now, what will you win? Well I’ll make sure your name and email address, plus the name of your contribution appears in the About box and on the website for the application.

Seems to me the next logical thing would be to show you what the tool looks like…

http://www.agilerm.net/images/PhysicalDrivePreview.JPG
Obtain a Forensic view of any system disk or Partition

http://www.agilerm.net/images/FileSystemPreview.JPG
Previewing the File System

http://www.agilerm.net/images/FileContentPreview.JPG
Viewing the contents of a File

http://www.agilerm.net/images/LiveMachineSnapshot.JPG
Snapshot Report of the Live Machine

http://www.agilerm.net/images/ImagingPhysicalMemory.JPG
Obtain a binary copy of Physical Memory (RAM)

Now, for the scheduling…

I think it’s fair to give two weeks for this contest (Deadline June 15, 2005: 09:00PM EST), as I plan on making some modifications and additions to the software over that time. Please post all official entries within this thread, if you have no server space to place the image, please PM me for assistance.

As for judging, I’ve decided to blend (pun intended) two worlds, I will be asking select members of the esteemed computer forensics community to help make the final decision. (Judging will last two weeks June 15 - 30th).

Not exactly sure how I’m going to put that together, but we’ll make it work.

Lastly, I will notify the winner, and begin adding the new images to the software, I will also post a thread here at Elysiun with the winning image.

Best of luck to everyone, and thank you all in advance, I look forward to congratulating the winner!

sounds cool, i’m in.

Thanks Modron, as of right now you’d be the winner :wink:

I appreciate all the help.

-hz

well i unfortunately have no time to do it but i can suggest an idea of what it would look like.

in my mind the first thing that comes to my head is X-Rays maybe an Xray image of a computer, or a HDD or something similar.

just some ideas for those who have more modeling skills than i do, but might not have had any ideas.

unless of course X-rays are another cliche?

quick google search came up with this…
http://www.petergof.com/x-ray/comps.htm

i think you could make it 3d, get rid of all the circuits (leave it as the disk in the drive, simple) and make something look awesome.

/me has too many ideas.

Alltaken

Wow, very interesting idea. Thanks!

If it would help if I extended the contest, I would be more than happy to, provided it’s alright with Modron.

Would more time get you the opportunity to be involved?

Regardless, I appreciate the suggestion.

it’s cool with me, i have a couple of ideas,…possibly will be incorporating my turtle with my original idea that was sort of similar to alltakens, but i have said enough! :Z i don’t want to give away my secrets!!

Modron, I really appreciate the assistance.

Don’t worry about the dates and deadlines, post whenever you feel comfortable.

Thanks!

hz

hey guys doesn’t anybody else want to do this? oh well, i guess i’ll get to it. :stuck_out_tongue:

I would like to join but me and my dog are neck and neck on modeling skills :smiley:

here’s where i’m at with it at the moment. i like this technique, but i’m going to try some variations. chrome, logo design doesn’t always require intensive modelling, you should go ahead and try.
http://home.att.net/~zolgnar/ttechbac2.jpg

hmm. For the name I was thinking of “X-Raw”.

X for Windows and Raw as in raw data to be saved (and it also sounds like X-Ray). I was also thinking of Ghosting, Snapshot, Rawsnap, X-Measure, Secraw, Nigilant, Blackscreen.

Here’s a sample of the name in action:

http://img228.echo.cx/img228/861/nigilant4bw.jpg

Sorry for the delay everyone, we’ve had a serious medical emergency in the family so I’m just now getting back to this.

Wow! both submissions look great, I’ll have to talk to the judges and see where we go from here.

Thanks for your patience.

-hz

ah, sorry to hear that. i figured you had given up on this so i never really developed my idea too far. the other entry looks pretty sweet though.

Nope, hadn’t given up, just very pre-occupied.

However the family is back to 100% health so I wanted to get back to this.

Seems the other participant has disappeared though…

Ahh well… bad timing I guess.

hz