cuckoo-modified-api by keithjjones

A Python library to interface with a cuckoo-modified instance

created at Sept. 25, 2016, 4:15 p.m.

6 +0

21 +0

7 +0

domfind by diogo-fernan

A Python DNS crawler to find identical domain names under different TLDs.

created at April 24, 2015, 10:18 a.m.

4 +0

24 +0

3 +0

pyarascanner by nogoodconfig

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

created at May 3, 2018, 11:49 a.m.

3 +0

26 +0

4 +0

Panorama by AlmCo

Fast incident overview

created at Sept. 12, 2016, 8:35 p.m.

3 +0

39 +0

7 +0

mutablesecurity by MutableSecurity

CLI program for automating the setup, configuration, and use of cybersecurity solutions

created at March 15, 2022, 11:25 a.m.

1 +0

43 +0

7 +0

artifacts-kb by ForensicArtifacts

Digital Forensics Artifacts Knowledge Base

created at Jan. 17, 2018, 7:31 p.m.

7 +0

75 +0

16 +0

acquire by fox-it

acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.

created at July 20, 2022, 1:09 p.m.

15 +0

91 +0

26 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

created at Aug. 30, 2016, 5:35 p.m.

17 +0

118 +0

25 +0

imagemounter by ralphje

Command line utility and Python package to ease the (un)mounting of forensic disk images

created at Feb. 3, 2014, 10:27 a.m.

13 +0

120 +0

35 -1

CIRTKit by opensourcesec

Tools for the Computer Incident Response Team

created at Oct. 19, 2015, 3:50 p.m.

20 +0

142 +0

25 +0

logdissect by dogoncouch

CLI utility and Python module for analyzing log files and other data.

created at Feb. 19, 2017, 8:31 p.m.

11 +0

148 +0

23 +0

winreg-kb by libyal

Windows Registry Knowledge Base

created at Sept. 28, 2014, 5:15 a.m.

15 +0

162 +0

20 +0

Fastir_Collector_Linux by SekoiaLab

None

created at Jan. 25, 2016, 2:10 p.m.

23 +0

173 +1

42 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

created at July 15, 2014, 8:23 p.m.

18 +0

174 +0

40 +0

Hoarder by muteb

This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole har drive.

created at Dec. 22, 2018, 8:23 p.m.

10 +0

193 +1

19 +0

VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

created at April 19, 2015, 12:30 a.m.

28 +0

193 +1

50 +0

appcompatprocessor by mbevilacqua

"Evolving AppCompat/AmCache data analysis beyond grep"

created at April 2, 2017, 6:11 p.m.

17 +0

197 +0

25 +0

rastrea2r by rastrea2r

Collecting & Hunting for IOCs with gusto and style

created at May 1, 2018, 6:21 p.m.

17 +0

238 +0

53 +0

margaritashotgun by ThreatResponse

Remote Memory Acquisition Tool

created at Aug. 9, 2016, 5:39 p.m.

17 +0

242 +1

50 +0

AutoTTP by jymcheong

Automated Tactics Techniques & Procedures

created at Sept. 7, 2017, 6:25 a.m.

24 +0

251 +0

64 +0