Improved traceroute wrapper for CSIRT and CERT operators
updated at Aug. 6, 2021, 6:54 p.m.
A simple many-rules to many-files YARA scanner for incident response or malware zoos.
updated at July 6, 2023, 2:10 a.m.
PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
updated at Jan. 29, 2024, 5:35 p.m.
Tools for the Computer Incident Response Team
updated at Jan. 31, 2024, 10:04 a.m.
A modular Python application to collect intelligence for malicious hosts.
updated at Feb. 9, 2024, 5:33 p.m.
Web interface for the Volatility Memory Forensics Framework
updated at April 4, 2024, 10:44 p.m.
Incident Response Forensic Framework
updated at April 27, 2024, 8:49 a.m.
Remote Memory Acquisition Tool
updated at April 27, 2024, 8:50 a.m.
(DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
updated at April 27, 2024, 8:50 a.m.
A Python library to interface with a cuckoo-modified instance
updated at May 7, 2024, 12:53 p.m.
Forensic tool for acquisition, triage and analysis of remote block devices via the iSCSI protocol.
updated at May 10, 2024, 9:09 a.m.
A modular Python application to pull intelligence about malicious files
updated at May 14, 2024, 12:11 p.m.