Traceroute improved wrapper for CSIRT and CERT operators
updated at Aug. 6, 2021, 6:54 p.m.
A simple many-rules to many-files YARA scanner for incident response or malware zoos.
updated at July 6, 2023, 2:10 a.m.
A Python library to interface with a cuckoo-modified instance
updated at Dec. 4, 2023, 6:09 p.m.
A Python library and command line tools to provide interactive log visualization.
updated at Dec. 26, 2023, 12:22 p.m.
A Python DNS crawler to find identical domain names under different TLDs.
updated at Jan. 4, 2024, 12:28 p.m.
PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
updated at Jan. 29, 2024, 5:35 p.m.
Tools for the Computer Incident Response Team
updated at Jan. 31, 2024, 10:04 a.m.
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitecture independent Virtual Machine Introspection techniques
updated at Feb. 5, 2024, 5:10 p.m.
A modular Python application to collect intelligence for malicious hosts.
updated at Feb. 9, 2024, 5:33 p.m.
CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities
updated at Feb. 9, 2024, 8:47 p.m.
Command line utility and Python package to ease the (un)mounting of forensic disk images
updated at March 1, 2024, 8:14 a.m.