dexter: Forensics acquisition framework
Dexter Your friendly forensics expert. Dexter is a forensics acquisition framework designed to be extensible and secure. Dexter runs as an agent backed by S3. Investigators use Dexter on the...
rosenbridge Overview project:rosenbridge reveals a hardware backdoor in some desktop, laptop, and embedded x86 processors. The backdoor allows ring 3 (userland) code to circumvent processor protections to freely read and...
Diffy Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix’s Security Intelligence and Response Team (SIRT). It allows a forensic investigator to quickly scope a compromise...
OWASP Honeypot OWASP Honeypot is open source software written in Python, designed for creating honeypots and honeynets in an easy and secure way! This project is compatible with...
Bitscout is a customizable live OS constructor tool written purely in bash. Its main purpose is to help you quickly create your own remote forensics bootable disk image. This project was created...
dnslog Minimalistic DNS logging tool. Captures all DNS traffic and stores its textual presentation (in compressed form) in /var/log/dnslog/<date>.log.gz. Created for network forensics purposes. Install sudo su...
Forensics / Reverse Engineering
by do son · Published September 9, 2018 · Last modified October 10, 2021
SwishDbgExt is a Microsoft WinDbg debugging extension that expands the set of commands available in Microsoft WinDbg and also fixes and improves existing commands. This extension has been developed by...
DFTimewolf A framework for orchestrating forensic collection, processing and data export. dfTimewolf consists of collectors, processors, and exporters (modules) that pass data on to one another. How modules are orchestrated...
IoT-Honeypot This Python tool simulates IoT device (router) attacks and logs the attacker's IP and all the tracing they do to a log file and then a database. Installation Clone the repository. git clone...
Metta is an information security preparedness tool. This project uses Redis/Celery, python, and vagrant with VirtualBox to do the adversarial simulation. This allows you to test (mostly) your host-based instrumentation...
GOSINT – Open Source Threat Intelligence Gathering and Processing Framework The GOSINT framework is a project used for collecting, processing, and exporting high-quality indicators of compromise (IOCs). It allows a...
Malspider Malspider is a web spidering framework that inspects websites for characteristics of compromise. It has three purposes: Website Integrity Monitoring: monitor your organization’s website (or your personal website) for...
Fridump Fridump (v0.1) is an open source memory dumping tool, primarily aimed at penetration testers and developers. Fridump uses the Frida framework to dump accessible memory addresses from any...
Forensic_Tools A collection of tools for forensic analysis. Download git clone https://github.com/MonroCoury/Forensic-Tools.git Usage: python [script name.py] -h at any time for help exif_extractor: use to extract exif metadata from images that...
Forensics / Information Gathering / Network PenTest / Vulnerability Analysis
by do son · Published August 13, 2018 · Last modified October 10, 2021
RedHunt Linux Distribution Virtual Machine for Adversary Emulation and Threat Hunting RedHunt aims to be a one-stop shop for all your threat emulation and threat hunting needs by integrating attacker’s...