Command line utility and Python package to ease the (un)mounting of forensic disk images
updated at May 15, 2024, 10:31 a.m.
$MFT directory tree reconstruction & FILE record info
updated at May 15, 2024, 9:58 p.m.
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
updated at May 16, 2024, 11:23 a.m.
"Evolving AppCompat/AmCache data analysis beyond grep"
updated at May 16, 2024, 1:39 p.m.
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
updated at May 17, 2024, 9:17 p.m.
Digital Forensics Artifacts Knowledge Base
updated at May 18, 2024, 5:38 a.m.
Web browser forensics for Google Chrome/Chromium
updated at May 20, 2024, 1:19 a.m.
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
updated at May 20, 2024, 8:26 a.m.
CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
updated at May 20, 2024, 1:19 p.m.
Investigate suspicious activity by visualizing Sysmon's event log
updated at May 20, 2024, 2:51 p.m.
A forensic evidence collection & analysis toolkit for OS X
updated at May 20, 2024, 6:15 p.m.