Defense / Forensics / Sniffing & Spoofing
by do son · Published July 25, 2019 · Last modified November 4, 2024
Wireshark Analyzer is a fantastic multi-platform open-source network protocol analyzer. It can be used to check the analysis of data from the network host to survive, but also look to...
diskover-web diskover-web is an open-source web file manager, disk space usage, storage analytics, and file search engine for diskover. It is designed to help you quickly search across your storage...
Skadi Skadi is a free, open-source collection of tools that enable the collection, processing and advanced analysis of forensic artifacts and images. It scales to work effectively on laptops, desktops,...
ThreatHunting This is a Splunk application containing several dashboards and over 120 reports that will facilitate initial hunting indicators to investigate. Note: ThreatHunting is not a magic bullet, it will...
cfltools: Computer Forensic Laboratory Tools Automates and simplifies common analysis tasks encountered by investigators who deal with cybercrime, especially logfile analysis. These tools are meant to help a security analyst...
Defense / Forensics / Networking
by do son · Published July 16, 2019 · Last modified August 17, 2021
Skydive Skydive is an open-source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect...
red Red is a terminal log analysis tools. Install go get github.com/antonmedv/red Use Pipe JSON stream logs into red and specify a few fields to display. For example, using with kubernetes: kubectl...
Cacti is a complete network graphing solution designed to harness the power of RRDTool‘s data storage and graphing functionality. Cacti provide a fast poller, advanced graph templating, multiple data acquisition...
StackStorm is a platform for integration and automation across services and tools. It ties together your existing infrastructure and application environment so you can more easily automate that environment —...
dfVFS, or Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats. The goal of dfVFS is to provide a generic...
joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture (pcap) files, using a flow-oriented model similar to that of IPFIX or...
Cortex tries to solve a common problem frequently encountered by SOCs, CSIRTs and security researchers in the course of threat intelligence, digital forensics, and incident response: how to analyze observables they have collected, at...
TheHive is a scalable 3-in-1 open source and free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs, and any information security practitioner dealing with security...
Sometimes forensic investigators need to process digital images as evidence. There are some tools around, otherwise, it is difficult to deal with forensic analysis with a lot of images involved....
LogViewer is designed to work with any large text files so that even very large files can be opened, viewed and searched. Its original use case is for DFIR cases...
Support Securityonline.info site. Thanks!
