Forensic tool for acquisition, triage and analysis of remote block devices via the iSCSI protocol.
created at May 4, 2023, 4:51 p.m.
A Python DNS crawler to find identical domain names under different TLDs.
created at April 24, 2015, 10:18 a.m.
A simple many-rules to many-files YARA scanner for incident response or malware zoos.
created at May 3, 2018, 11:49 a.m.
PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
created at Sept. 14, 2017, 9:15 a.m.
A Python library to interface with a cuckoo-modified instance
created at Sept. 25, 2016, 4:15 p.m.
CLI program for automating the setup, configuration, and use of cybersecurity solutions
created at March 15, 2022, 11:25 a.m.
Improved traceroute wrapper for CSIRT and CERT operators
created at Dec. 5, 2010, 3:08 p.m.
Digital Forensics Artifacts Knowledge Base
created at Jan. 17, 2018, 7:31 p.m.
Memory acquisition for Linux that makes sense.
created at Oct. 9, 2022, 7:49 p.m.
🧠 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system.
created at Jan. 3, 2020, 3:16 p.m.
CLI utility and Python module for analyzing log files and other data.
created at Feb. 19, 2017, 8:31 p.m.
"Evolving AppCompat/AmCache data analysis beyond grep"
created at April 2, 2017, 6:11 p.m.
A modular Python application to pull intelligence about malicious files
created at Aug. 30, 2016, 5:35 p.m.
Tools for the Computer Incident Response Team
created at Oct. 19, 2015, 3:50 p.m.