Category: Forensics

goaccess

goaccess v1.9 releases: real-time web log analyzer and interactive viewer

GoAccess is an open-source real-time web log analyzer and interactive viewer that runs in a terminal on *nix systems or through your browser. It provides fast and valuable HTTP statistics for system administrators that require a visual server report...

Conpot

conpot: ICS/SCADA honeypot

Conpot is an ICS honeypot with the goal of collecting intelligence about the motives and methods of adversaries targeting industrial control systems. Install using Docker via a pre-built image: install Docker, then run docker pull...

snare

snare: Super Next generation Advanced Reactive honEypot

SNARE (Super Next-generation Advanced Reactive honEypot) is a web application honeypot sensor attracting all sorts of maliciousness from the Internet. Getting started: you need Python 3; we tested primarily with >=3.4. This was...

CAINE

CAINE 10.0 Releases: Linux distribution for digital forensics

CAINE (Computer Aided Investigative Environment) is an Ubuntu-based GNU/Linux self-starting distribution that was created as a digital forensics project at the Interdisciplinary Center for Security Research (CRIS). The CAINE forensics framework includes a set...

process-forest

process-forest: processes Microsoft Windows EVTX event logs

process-forest is a tool that processes Microsoft Windows EVTX event logs that contain process accounting events and reconstructs the historical process hierarchies. That is, it displays the parent-child relationships among programs. When using this tool...

turbinia

btrForensics: Forensic Analysis Tool for Btrfs File System

btrForensics is a forensic analysis tool for the Btrfs file system. Btrfs is a modern copy-on-write (CoW) filesystem for Linux aimed at implementing advanced features while also focusing on fault tolerance, repair, and easy administration....

dexter

dexter: Forensics acquisition framework

Dexter: your friendly forensics expert. Dexter is a forensics acquisition framework designed to be extensible and secure. Dexter runs as an agent backed by S3. Investigators use Dexter on the command line to issue...

sleuth kit

diffy: cloud-centric security incidents

Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT). It allows a forensic investigator to quickly scope a compromise across cloud instances during...