PowerForensics by Invoke-IR

PowerForensics provides an all in one platform for live disk forensic analysis

created at March 7, 2015, 5:12 p.m.

159 +0

1,357 -1

276 +0

Panorama by AlmCo

Fast incident overview

created at Sept. 12, 2016, 8:35 p.m.

3 +0

38 +0

6 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

187 +0

3,226 +7

572 +0

Fastir_Collector by SekoiaLab

None

created at Oct. 23, 2015, 9:18 a.m.

63 +0

502 +1

128 -7

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

created at May 25, 2015, 7:48 p.m.

14 +0

175 -1

31 +0

timesketch by google

Collaborative forensic timeline analysis

created at June 19, 2014, 5:49 p.m.

137 +1

2,489 +4

565 +1

plaso by log2timeline

Super timeline all the things

created at Sept. 8, 2014, 11:29 p.m.

92 +1

1,624 +6

324 +0

morgue by etsy

post mortem tracker

created at Oct. 17, 2013, 5:16 a.m.

75 +0

1,011 +0

133 +0

visualize_logs by keithjjones

A Python library and command line tools to provide interactive log visualization.

created at Oct. 11, 2016, 3:33 p.m.

15 +0

134 +0

36 +0

viper by viper-framework

Binary analysis and management framework

created at Nov. 9, 2013, 6:24 p.m.

147 +0

1,533 +0

351 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

created at July 15, 2014, 8:23 p.m.

18 +0

171 +0

39 +0

cuckoo-modified-api by keithjjones

A Python library to interface with a cuckoo-modified instance

created at Sept. 25, 2016, 4:15 p.m.

6 +0

18 +0

7 +0

cuckoo-modified by spender-sandbox

Modified edition of cuckoo

created at Nov. 30, 2015, 1:55 p.m.

72 +0

388 +0

178 +0

incident-response-docs by PagerDuty

PagerDuty's Incident Response Documentation.

created at Nov. 28, 2016, 5:58 p.m.

68 +0

1,009 +2

222 +0

IRM by certsocietegenerale

Incident Response Methodologies 2022

created at Feb. 29, 2016, 8:52 a.m.

42 +0

880 +2

135 -1

traceroute-circl by CIRCL

Traceroute improved wrapper for CSIRT and CERT operators

created at Dec. 5, 2010, 3:08 p.m.

16 +0

36 +0

9 +0

sqhunter by 0x4D31

A simple threat hunting tool based on osquery, Salt Open and Cymon API

created at June 23, 2017, 8:59 a.m.

12 +0

65 +0

15 +0

stenographer by google

Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com

created at Oct. 13, 2014, 9:26 p.m.

104 +0

1,788 +0

231 +0

imagemounter by ralphje

Command line utility and Python package to ease the (un)mounting of forensic disk images

created at Feb. 3, 2014, 10:27 a.m.

13 +0

111 +0

36 +0

fibratus by rabbitstack

A modern tool for Windows kernel exploration and tracing with a focus on security

created at March 25, 2016, 11:28 a.m.

72 +0

2,075 +3

183 +1