scot by sandialabs

Sandia Cyber Omni Tracker (SCOT)

created at Aug. 27, 2014, 8:24 p.m.

37 +0

245 +0

48 +0

SOC-Multitool by zdhenard42

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

created at Jan. 3, 2023, 4:51 p.m.

10 +0

338 +0

43 +0

dfir-orc by DFIR-ORC

Forensics artefact collection tool for systems running Microsoft Windows

created at Sept. 20, 2019, 9:30 a.m.

26 -1

387 +1

42 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

created at April 14, 2015, 1:26 a.m.

38 +0

259 +0

42 +0

Fastir_Collector_Linux by SekoiaLab

None

created at Jan. 25, 2016, 2:10 p.m.

23 +0

173 +1

42 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

created at July 15, 2014, 8:23 p.m.

18 +0

174 +0

40 +0

catalyst by SecurityBrewery

⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes

created at Dec. 12, 2021, 11:37 p.m.

7 +0

350 +4

37 +0

imagemounter by ralphje

Command line utility and Python package to ease the (un)mounting of forensic disk images

created at Feb. 3, 2014, 10:27 a.m.

13 +0

120 +0

35 -1

MFT_Browser by kacos2000

$MFT directory tree reconstruction & FILE record info

created at Dec. 26, 2020, 2:28 a.m.

13 +0

292 +0

32 +0

visualize_logs by keithjjones

A Python library and command line tools to provide interactive log visualization.

created at Oct. 11, 2016, 3:33 p.m.

15 +0

137 +0

30 +0

Invoke-LiveResponse by mgreen27

Invoke-LiveResponse

created at Jan. 14, 2018, 9:42 a.m.

13 +0

145 +0

29 +0

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

created at May 25, 2015, 7:48 p.m.

13 +0

183 +0

29 +0

spyre by spyre-project

simple YARA-based IOC scanner

created at May 28, 2018, 7:07 p.m.

12 +0

164 +0

27 +0

acquire by fox-it

acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.

created at July 20, 2022, 1:09 p.m.

15 +0

91 +0

26 +0

CIRTKit by opensourcesec

Tools for the Computer Incident Response Team

created at Oct. 19, 2015, 3:50 p.m.

20 +0

142 +0

25 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

created at Aug. 30, 2016, 5:35 p.m.

17 +0

118 +0

25 +0

appcompatprocessor by mbevilacqua

"Evolving AppCompat/AmCache data analysis beyond grep"

created at April 2, 2017, 6:11 p.m.

17 +0

197 +0

25 +0

IRTriage by AJMartel

Incident Response Triage - Windows Evidence Collection for Forensic Analysis

created at Sept. 4, 2015, 8:51 a.m.

17 +0

130 +0

23 +0

logdissect by dogoncouch

CLI utility and Python module for analyzing log files and other data.

created at Feb. 19, 2017, 8:31 p.m.

11 +0

148 +0

23 +0

artifactcollector by forensicanalysis

🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

created at Jan. 3, 2020, 3:16 p.m.

8 +0

270 +2

21 +0