ForensicMiner ForensicMiner, a PowerShell-based DFIR automation tool, revolutionizes the field of digital investigations. Designed for efficiency, it...
Forensics
JA4+ Network Fingerprinting JA4+ is a suite of network fingerprinting methods that are easy to use and...
Linpmem — a physical memory acquisition tool for Linux Linpmem is a Linux x64-only tool for reading...
WhisperPot WhisperPot is an ongoing project aimed at creating a comprehensive VoIP honeypot system. It is designed...
Cisco IOS XE implant scanning This repository contains information regarding post-exploitation activities linked to the Cisco IOS...
ALFA – Automated Audit Log Forensic Analysis for Google Workspace You can use this tool to acquire...
YAMA YAMA is a system for generating scanners that can inspect specific malware during incident response. The...
ThreatScraper ThreatScraper is a Python-based tool designed to check virus information by using VirusTotal API. It offers...
varc (Volatile Artifact Collector) varc collects a snapshot of volatile data from a system. It tells you...
z9 PowerShell Log Analyzer This tool detects the artifact of the PowerShell-based malware from the event log of...
Microsoft-Extractor-Suite Microsoft-Extractor-Suite is a fully-featured, actively-maintained, PowerShell tool designed to streamline the process of collecting all necessary...
Trawler Trawler is a PowerShell script designed to help Incident Responders discover potential indicators of compromise on...
MemTracer MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover...
Microsoft Section52 ICS Forensics Tools Microsoft Section52 Industrial Control Systems Forensics Tools is an open source forensic...
C2-Hunter C2-Hunter is a program designed for malware analysts to extract Command and Control (C2) traffic from...