domfind by diogo-fernan

A Python DNS crawler to find identical domain names under different TLDs.

created at April 24, 2015, 10:18 a.m.

4 +0

20 +0

3 +0

SPECTR3 by alpine-sec

Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol.

created at May 4, 2023, 4:51 p.m.

4 +0

32 +1

3 +0

pyarascanner by nogoodconfig

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

created at May 3, 2018, 11:49 a.m.

3 +0

25 +0

4 +0

PowerSponse by swisscom

PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.

created at Sept. 14, 2017, 9:15 a.m.

15 +0

36 +0

6 +0

Panorama by AlmCo

Fast incident overview

created at Sept. 12, 2016, 8:35 p.m.

3 +0

38 +0

6 +0

mutablesecurity by MutableSecurity

CLI program for automating the setup, configuration, and use of cybersecurity solutions

created at March 15, 2022, 11:25 a.m.

1 +0

41 +0

6 +0

PowerGRR by swisscom

PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.

created at July 18, 2017, 1:14 p.m.

20 +0

56 +0

7 +0

cuckoo-modified-api by keithjjones

A Python library to interface with a cuckoo-modified instance

created at Sept. 25, 2016, 4:15 p.m.

6 +0

18 +0

7 +0

traceroute-circl by CIRCL

Traceroute improved wrapper for CSIRT and CERT operators

created at Dec. 5, 2010, 3:08 p.m.

16 +0

36 +0

9 +0

artifacts-kb by ForensicArtifacts

Digital Forensics Artifacts Knowledge Base

created at Jan. 17, 2018, 7:31 p.m.

8 +0

69 +0

15 +0

dumpit-linux by MagnetForensics

Memory acquisition for Linux that makes sense.

created at Oct. 9, 2022, 7:49 p.m.

10 +1

125 +1

15 +0

sqhunter by 0x4D31

A simple threat hunting tool based on osquery, Salt Open and Cymon API

created at June 23, 2017, 8:59 a.m.

12 +0

65 +0

15 +0

orochi by LDO-CERT

The Volatility Collaborative GUI

created at May 18, 2020, 2:01 p.m.

12 +0

190 +1

17 +0

acquire by fox-it

acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.

created at July 20, 2022, 1:09 p.m.

12 +0

75 +1

17 +0

Hoarder by muteb

This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole har drive.

created at Dec. 22, 2018, 8:23 p.m.

10 +0

187 +0

18 +0

artifactcollector by forensicanalysis

🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

created at Jan. 3, 2020, 3:16 p.m.

9 +0

238 +0

18 +0

winreg-kb by libyal

Windows Registry Knowledge Base

created at Sept. 28, 2014, 5:15 a.m.

16 +0

151 +0

20 +0

logdissect by dogoncouch

CLI utility and Python module for analyzing log files and other data.

created at Feb. 19, 2017, 8:31 p.m.

11 +0

137 -1

22 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

created at Aug. 30, 2016, 5:35 p.m.

17 +0

113 +0

25 +0

CIRTKit by opensourcesec

Tools for the Computer Incident Response Team

created at Oct. 19, 2015, 3:50 p.m.

19 +0

140 +0

25 +0