Army Provides Open Source Network Forensic Tool

It’s official, the US Army Research Lab has posted its first ever application to GitHub, and it’s open source!

The US Army Research Lab has recently made available Dshell, which helps cyber-defenders identify attacks on their networks. This forensic network analysis tool has been used for nearly five years to help the Army identify and interpret attacks within its own defence network. William Glodek, the Network Security branch chief at ARL, stated that by making it available on GitHub, other developers would be able to extend it by adding further modules, bringing further benefit to the wider digital forensics and incident response community.

The original Dshell application was added to GitHub on Dec. 17, 2014 and now has more than a dozen contributors and more than 2,000 unique visitors. The decision to share the product was driven by ARL recognising that both industry and academia face the same problem, and according to Glodek it is the first official Army page on GitHub. He went on to state that “For a long time, we have been looking at ways to better engage and interact with the digital forensic and incident response community through a collaborative platform”, noting the challenges raised by the traditional methods of sharing software.

The original release from the ARL is here.

Visit the GitHub page to download the tools.

For those of you who download and use the tool, drop any comments in the reply, we’d like to hear what you think!