ArsenalRecon/NetWireStackForensics

Project for NetWire Stack Forensics.

Please read the article "Forensic Analysis of the NetWire Stack" published in Digital Forensics Magazine Issue 52 (https://www.digitalforensicsmagazine.com) to understand this project.

We have analyzed NetWire 1.7 on the following operating systems:

  • Windows 7 32-bit
  • Windows 7 64-bit
  • Windows 8.1 64-bit
  • Windows 10 64-bit

Content

NwStacks

A PoC tool for scanning and analyzing NetWire 1.7 stacks.

Latest builds

https://github.com/ArsenalRecon/NetWireStackForensics/releases

SampleFilesUploaded

The files used for uploads during generation of test material.

SampleStackSnapshots

A collection of stack snapshots taken after a sequence of events.

  • win7-32
  • win7-32(article)
  • win7-64
  • win81-64
  • win10-64

Artifacts-matrix.xlsx

Spreadsheet with supplemental data to assist in analysis.

Decrypted-payloads.txt

Collection of decrypted payloads and associated controls.

NetWire1.7-controls.txt

List of valid controls.

License

MIT