A modular Python application to pull intelligence about malicious files
created at Aug. 30, 2016, 5:35 p.m.
A modular Python application to collect intelligence for malicious hosts.
created at Aug. 22, 2016, 8:25 p.m.
Remote Memory Acquisition Tool
created at Aug. 9, 2016, 5:39 p.m.
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
created at Aug. 2, 2016, 9:01 p.m.
A framework for orchestrating forensic collection, processing and data export
created at July 29, 2016, 1:54 p.m.
Incident Response Forensic Framework
created at July 6, 2016, 11:02 a.m.
CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities
created at April 22, 2016, 1:25 a.m.
A curated list of awesome forensic analysis tools and resources
created at March 29, 2016, 8:54 p.m.
A modern tool for Windows kernel exploration and tracing with a focus on security
created at March 25, 2016, 11:28 a.m.
CimSweep is a suite of CIM/WMI-based tools that make it possible to perform incident response and hunting operations remotely across all versions of Windows.
created at Jan. 30, 2016, 4:58 a.m.
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
created at Oct. 20, 2015, 2:03 p.m.
Tools for the Computer Incident Response Team
created at Oct. 19, 2015, 3:50 p.m.