
Forensics

  • grr – GRR Rapid Response is an incident response framework focused on remote live forensics.
  • Volatility – Python-based memory extraction and analysis framework.
  • mig – MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security.
  • ir-rescue – ir-rescue is a Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
  • Logdissect – CLI utility and Python API for analyzing log files and other data.
  • Meerkat – PowerShell-based Windows artifact collection for threat hunting and incident response.
  • LiME – Linux Memory Extractor