scot by sandialabs

Sandia Cyber Omni Tracker (SCOT)

created at Aug. 27, 2014, 8:24 p.m.

38 +0

242 +0

48 +0

Fastir_Collector_Linux by SekoiaLab

None

created at Jan. 25, 2016, 2:10 p.m.

23 +0

166 +0

43 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

created at April 14, 2015, 1:26 a.m.

38 +0

259 +0

42 +0

SOC-Multitool by zdhenard42

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

created at Jan. 3, 2023, 4:51 p.m.

10 +0

310 +0

42 +1

dfir-orc by DFIR-ORC

Forensics artefact collection tool for systems running Microsoft Windows

created at Sept. 20, 2019, 9:30 a.m.

27 +0

359 +1

41 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

created at July 15, 2014, 8:23 p.m.

18 +0

173 +0

39 +0

imagemounter by ralphje

Command line utility and Python package to ease the (un)mounting of forensic disk images

created at Feb. 3, 2014, 10:27 a.m.

13 +0

112 +0

36 +0

visualize_logs by keithjjones

A Python library and command line tools to provide interactive log visualization.

created at Oct. 11, 2016, 3:33 p.m.

15 +0

135 +1

36 +0

catalyst by SecurityBrewery

Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes

created at Dec. 12, 2021, 11:37 p.m.

5 +0

276 +2

34 +0

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

created at May 25, 2015, 7:48 p.m.

14 +0

177 +1

31 +0

MFT_Browser by kacos2000

$MFT directory tree reconstruction & FILE record info

created at Dec. 26, 2020, 2:28 a.m.

13 +0

280 +0

30 +0

Invoke-LiveResponse by mgreen27

Invoke-LiveResponse

created at Jan. 14, 2018, 9:42 a.m.

13 +0

144 +0

29 +0

spyre by spyre-project

simple YARA-based IOC scanner

created at May 28, 2018, 7:07 p.m.

12 +0

160 +1

27 +0

appcompatprocessor by mbevilacqua

"Evolving AppCompat/AmCache data analysis beyond grep"

created at April 2, 2017, 6:11 p.m.

17 +0

190 +0

26 +0

IRTriage by AJMartel

Incident Response Triage - Windows Evidence Collection for Forensic Analysis

created at Sept. 4, 2015, 8:51 a.m.

17 +0

123 +0

26 +0

CIRTKit by opensourcesec

Tools for the Computer Incident Response Team

created at Oct. 19, 2015, 3:50 p.m.

19 +0

140 +0

25 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

created at Aug. 30, 2016, 5:35 p.m.

17 +0

114 +0

25 +0

logdissect by dogoncouch

CLI utility and Python module for analyzing log files and other data.

created at Feb. 19, 2017, 8:31 p.m.

11 +0

138 +0

22 +0

winreg-kb by libyal

Windows Registry Knowledge Base

created at Sept. 28, 2014, 5:15 a.m.

16 +0

151 +0

20 +0

artifactcollector by forensicanalysis

🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

created at Jan. 3, 2020, 3:16 p.m.

9 +0

244 +1

19 +0