WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Stars: ✭ 442 (-75.38%)
Mutual labels: analysis, timeline, forensics, dfir
Adtimeline
Timeline of Active Directory changes with replication metadata
Stars: ✭ 252 (-85.96%)
Mutual labels: dfir, forensics, timeline
smram parse
System Management RAM analysis tool
Stars: ✭ 50 (-97.21%)
Mutual labels: analysis, forensics, dfir
Ir Rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (-82.67%)
Mutual labels: dfir, forensics
truehunter
Truehunter
Stars: ✭ 30 (-98.33%)
Mutual labels: forensics, dfir
Recuperabit
A tool for forensic file system reconstruction.
Stars: ✭ 280 (-84.4%)
Mutual labels: dfir, forensics
Get-NetworkConnection
Edited version of Lee Christensen's Get-NetworkConnection which includes a timestamp for each network connection
Stars: ✭ 34 (-98.11%)
Mutual labels: timeline, dfir
Turbinia
Automation and Scaling of Digital Forensics Tools
Stars: ✭ 461 (-74.32%)
Mutual labels: dfir, forensics
Mac apt
macOS Artifact Parsing Tool
Stars: ✭ 329 (-81.67%)
Mutual labels: dfir, forensics
Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
Stars: ✭ 676 (-62.34%)
Mutual labels: analysis, dfir
ir scripts
Incident response scripts
Stars: ✭ 17 (-99.05%)
Mutual labels: forensics, dfir
LevelDBDumper
Dumps all of the Key/Value pairs from a LevelDB database
Stars: ✭ 23 (-98.72%)
Mutual labels: forensics, dfir
Meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
Stars: ✭ 284 (-84.18%)
Mutual labels: analysis, forensics
ForensicsTools
A list of free and open forensics analysis tools and other resources
Stars: ✭ 392 (-78.16%)
Mutual labels: timeline, forensics
Swap digger
swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web form credentials, web form emails, HTTP basic authentication, Wi-Fi SSIDs and keys, etc.
Stars: ✭ 354 (-80.28%)
Mutual labels: dfir, forensics
Hindsight
Web browser forensics for Google Chrome/Chromium
Stars: ✭ 589 (-67.19%)
Mutual labels: dfir, forensics
Memlabs
Educational, CTF-styled labs for individuals interested in Memory Forensics
Stars: ✭ 696 (-61.23%)
Mutual labels: dfir, forensics
Autotimeliner
Automagically extract a forensic timeline from a volatile memory dump
Stars: ✭ 54 (-96.99%)
Mutual labels: dfir, forensics
Diffy
Diffy is a triage tool used during cloud-centric security incidents to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Stars: ✭ 555 (-69.08%)
Mutual labels: dfir, forensics