PowerForensics by Invoke-IR

PowerForensics provides an all in one platform for live disk forensic analysis

created at March 7, 2015, 5:12 p.m.

158 +0

1,385 -1

274 +0

Panorama by AlmCo

Fast incident overview

created at Sept. 12, 2016, 8:35 p.m.

3 +0

39 +0

7 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

184 +0

3,402 +7

583 +0

Fastir_Collector by SekoiaLab

None

created at Oct. 23, 2015, 9:18 a.m.

63 +0

506 +1

126 +0

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

created at May 25, 2015, 7:48 p.m.

13 +0

183 +0

29 +0

timesketch by google

Collaborative forensic timeline analysis

created at June 19, 2014, 5:49 p.m.

137 +0

2,614 +6

589 +0

plaso by log2timeline

Super timeline all the things

created at Sept. 8, 2014, 11:29 p.m.

94 +1

1,734 +2

352 +1

morgue by etsy

post mortem tracker

created at Oct. 17, 2013, 5:16 a.m.

74 +0

1,017 +0

133 +0

visualize_logs by keithjjones

A Python library and command line tools to provide interactive log visualization.

created at Oct. 11, 2016, 3:33 p.m.

15 +0

137 +0

30 +0

viper by viper-framework

Binary analysis and management framework

created at Nov. 9, 2013, 6:24 p.m.

148 +0

1,539 +0

350 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

created at July 15, 2014, 8:23 p.m.

18 +0

174 +0

40 +0

cuckoo-modified-api by keithjjones

A Python library to interface with a cuckoo-modified instance

created at Sept. 25, 2016, 4:15 p.m.

6 +0

21 +0

7 +0

cuckoo-modified by spender-sandbox

Modified edition of cuckoo

created at Nov. 30, 2015, 1:55 p.m.

72 +0

395 +1

178 +0

incident-response-docs by PagerDuty

PagerDuty's Incident Response Documentation.

created at Nov. 28, 2016, 5:58 p.m.

68 +0

1,022 +1

224 -1

IRM by certsocietegenerale

Incident Response Methodologies 2022

created at Feb. 29, 2016, 8:52 a.m.

44 +0

978 +4

160 +1

traceroute-circl by CIRCL

Traceroute improved wrapper for CSIRT and CERT operators

created at Dec. 5, 2010, 3:08 p.m.

16 +0

37 +0

9 +0

stenographer by google

Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com

created at Oct. 13, 2014, 9:26 p.m.

101 +0

1,790 +2

238 +0

imagemounter by ralphje

Command line utility and Python package to ease the (un)mounting of forensic disk images

created at Feb. 3, 2014, 10:27 a.m.

13 +0

120 +0

35 -1

hostintel by keithjjones

A modular Python application to collect intelligence for malicious hosts.

created at Aug. 22, 2016, 8:25 p.m.

30 +0

262 +0

51 +0

fibratus by rabbitstack

Adversary tradecraft detection, protection, and hunting

created at March 25, 2016, 11:28 a.m.

70 +0

2,210 +0

190 +0