applications/forensics tools

aeskeyfind - aeskeyfind - locate 128-bit and 256-bit AES keys in a captured memory image

Website: https://citp.princeton.edu/research/memory/code/
License: GPL
Vendor: cert.org
Description:
This program illustrates automatic techniques for locating 128-bit and
256-bit AES keys in a captured memory image.

The program uses various algorithms and also performs a simple entropy
test to filter out blocks that are not keys. It counts the number of
repeated bytes and skips blocks that have too many repeats.

This method works even if several bits of the key schedule have been
corrupted due to memory decay.

This package is useful to several activities, as forensics investigations.

Packages

aeskeyfind-1.0-4.fc25.x86_64 [14 KiB] (no changelog entry)

Listing created by Repoview-0.6.6-1.el6