Dexter Your friendly forensics expert. Dexter is a forensics acquisition framework designed to be extensible and secure. Dexter runs as an agent backed by S3. Investigators use Dexter on the command line to issue...
rosenbridge Overview project:rosenbridge reveals a hardware backdoor in some desktop, laptop, and embedded x86 processors. The backdoor allows ring 3 (userland) code to circumvent processor protections to freely read and write ring 0 (kernel)...
Diffy Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix’s Security Intelligence and Response Team (SIRT). It allows a forensic investigator to quickly scope a compromise across cloud instances during...
OWASP Honeypot OWASP Honeypot is an open source software in Python language which designed for creating honeypot and honeynet in an easy and secure way! This project is compatible with Python 2.x and 3.x...
Bitscout is customizable live OS constructor tool written purely in bash. It’s main purpose is to help you quickly create own remote forensics bootable disk image. This project was created by security researchers for...
dnslog Minimalistic DNS logging tool. Captures all DNS traffic and stores its textual presentation (in compressed form) to the /var/log/dnslog/<date>.log.gz. Created for the network forensics purposes. Install sudo su apt-get install git python...
Forensics / Reverse Engineering
by do son · Published September 9, 2018 · Last modified October 10, 2021
SwishDbgExt is a Microsoft WinDbg debugging extension that expands the set of available commands by Microsoft WinDbg, but also fixes and improves existing commands. This extension has been developed by Matt Suiche (@msuiche) –...
DFTimewolf A framework for orchestrating forensic collection, processing and data export. dfTimewolf consists of collectors, processors, and exporters (modules) that pass data on to one another. How modules are orchestrated is defined in predefined...
IoT-Honeypot This tool to simulate Device IoT(Router) attacks in Python which logs HackerIP and all the tracing he does into a Logfile then a database. Installation Clone the repository. git clone https://github.com/anouarbensaad/HTTP-Honeypot.git and switch into the...
Metta is an information security preparedness tool. This project uses Redis/Celery, python, and vagrant with VirtualBox to do the adversarial simulation. This allows you to test (mostly) your host-based instrumentation but may also allow...
GOSINT – Open Source Threat Intelligence Gathering and Processing Framework The GOSINT framework is a project used for collecting, processing, and exporting high-quality indicators of compromise (IOCs). It allows a security analyst to collect...
Malspider Malspider is a web spidering framework that inspects websites for characteristics of compromise. It has three purposes: Website Integrity Monitoring: monitor your organization’s website (or your personal website) for potentially malicious changes. Generate...
Fridump Fridump (v0.1) is an open source memory dumping tool, primarily aimed to penetration testers and developers. Fridump is using the Frida framework to dump accessible memory addresses from any platform supported. It can...
Forensic_Tools A collection of tools for forensic analysis. Download git clone https://github.com/MonroCoury/Forensic-Tools.git Usage: python [script name.py] -h at any time for help exif_extractor: use to extract exif metadata from images that contain them python exif_extractor.py...
Forensics / Information Gathering / Network PenTest / Vulnerability Analysis
by do son · Published August 13, 2018 · Last modified October 10, 2021
RedHunt Linux Distribution Virtual Machine for Adversary Emulation and Threat Hunting RedHunt aims to be a one-stop shop for all your threat emulation and threat hunting needs by integrating attacker’s arsenal as well as...
Secure Your Connection
