Forensic Artifacts Collecting Toolset
Updated May 19, 2024 - Go
urlyzer is a URL parsing analysis tool.
Mantis is a forensics tool in Go leveraging utilities from Sysinternals and Nirsoft for system analysis and investigation. Automates systems logs retrieval, network connections, process activity analysis, autoruns configurations and more.
Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, Domain, ASN, DNS and Threat Indicator matches.
Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes
Signature engine for all your logs
🕵️ Process and show forensic artifacts (e.g. eventlogs, usb devices, network devices...) in forensicstores
Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
Provides a multi-platform Graphical User Interface for hashlookup
Dumps all of the Key/Value pairs from a LevelDB database
VirusTotal Wanna Be - Now with 100% more Hipster
Quick and dirty method to data exfil binary files in the form of hex strings to GCP's cloud logging, easily bypassing most DLP
Cross Platform (Go app) - to parse Windows Tasks UTF-16 LE encoded XML files to CSV or onscreen tab
Live system forensic collector