Category: Forensics

Hunt-Sleeping-Beacons: identify beacons

Hunt-Sleeping-Beacons: The idea of this project is to identify beacons which are unpacked at runtime or running in the context of another process. To do so, I make use of...

goreplay: open-source network monitoring tool

GoReplay is an open-source network monitoring tool which can record your live traffic and use it for shadowing, load testing, monitoring, and detailed analysis. As your application grows, the...

LEAF: Linux Evidence Acquisition Framework

Linux Evidence Acquisition Framework (LEAF) acquires artifacts and evidence from Linux EXT4 systems, accepting user input to customize the functionality of the tool for easier...

xpid v1.3.2 releases: Linux Process Discovery

xpid: It's nmap but for pids. xpid gives a user the ability to "investigate" for process details on a Linux system. For example, a sleeping thread will have a directory /proc/[pid] that...
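The "nmap for pids" idea rests on two procfs facts: each task's state is readable from /proc/[pid]/stat (a sleeping task shows state `S`), and readdir on /proc is not the only way to find a task, because /proc/[pid] can be opened directly for any ID, so an investigator can walk the whole PID range and diff that against the directory listing. The script below is an added example written for this page, not xpid's own code; it assumes a Linux host with a standard procfs at /proc, and the `SAMPLE_STAT_LINES` are constructed input, not captured from a real system.

```python
"""Added example (not xpid's code): /proc-based process discovery on Linux.

Two techniques: parse /proc/[pid]/stat for each task's state, and probe every
PID up to pid_max (the way a port scanner walks every port) instead of
trusting readdir('/proc') alone, then report IDs that only the probe found.
Assumption: Linux with procfs mounted at /proc.
"""
import os

# proc(5) state codes for field 3 of /proc/[pid]/stat.
STATE_NAMES = {
    "R": "running", "S": "sleeping", "D": "disk sleep", "Z": "zombie",
    "T": "stopped", "t": "tracing stop", "X": "dead", "I": "idle",
}

# Constructed sample lines in /proc/[pid]/stat layout (not from a real host);
# the second shows a comm containing spaces and parentheses.
SAMPLE_STAT_LINES = [
    "1 (systemd) S 0 1 1 0 -1 4194560",
    "4242 (a (b) c) S 1 4242 4242 0 -1",
    "4300 (defunct) Z 4242 4242 4242 0 -1",
]


def parse_stat(line):
    """Return (pid, comm, state, ppid) from a /proc/[pid]/stat line.

    comm is unescaped and may contain spaces or ')', so the line is split on
    the LAST ')' rather than on whitespace.
    """
    start = line.index("(")
    end = line.rindex(")")
    pid = int(line[:start].strip())
    comm = line[start + 1:end]
    rest = line[end + 1:].split()
    return pid, comm, rest[0], int(rest[1])


def classify(stat_lines):
    """Group stat lines by human-readable state name -> [(pid, comm, ppid)]."""
    out = {}
    for line in stat_lines:
        pid, comm, state, ppid = parse_stat(line)
        out.setdefault(STATE_NAMES.get(state, state), []).append((pid, comm, ppid))
    return out


def listed_pids(proc="/proc"):
    """PIDs visible through readdir on /proc (what ps and top rely on)."""
    return {int(n) for n in os.listdir(proc) if n.isdigit()}


def probe_pid(pid):
    """True if a task with this ID exists. kill(pid, 0) sends no signal;
    EPERM still proves existence, ESRCH means there is no such task."""
    try:
        os.kill(pid, 0)
        return True
    except PermissionError:
        return True
    except ProcessLookupError:
        return False


def is_thread_group_leader(pid, proc="/proc"):
    """Thread IDs exist as /proc/[tid] but are hidden from readdir, so a raw
    probe finds every thread; keep only tasks whose Tgid equals their Pid."""
    try:
        with open(os.path.join(proc, str(pid), "status")) as f:
            fields = dict(l.split(":", 1) for l in f if ":" in l)
        return int(fields["Tgid"]) == int(fields["Pid"])
    except (OSError, KeyError, ValueError):
        return False


def hidden_pids(listed, probed):
    """Process IDs found by probing but missing from the directory listing."""
    return sorted(probed - listed)


def scan(proc="/proc"):
    """Return (listed, probed) PID sets for the live host."""
    with open(os.path.join(proc, "sys/kernel/pid_max")) as f:
        pid_max = int(f.read())
    listed = listed_pids(proc)
    probed = {p for p in range(1, pid_max + 1)
              if probe_pid(p) and is_thread_group_leader(p, proc)}
    return listed, probed


if __name__ == "__main__":
    listed, probed = scan()
    print(f"{len(listed)} listed, {len(probed)} probed, "
          f"not in listing: {hidden_pids(listed, probed)}")
    lines = []
    for pid in sorted(listed):
        try:
            with open(f"/proc/{pid}/stat") as f:
                lines.append(f.read())
        except OSError:
            pass  # the task exited between listing and reading
    for state, tasks in classify(lines).items():
        print(f"{state}: {len(tasks)}")
```

A non-empty "not in listing" result is worth a closer look but is not proof of a rootkit: a process that started or exited between the two enumerations also shows up as a difference, so rerun and compare before drawing conclusions. The full-range probe issues one syscall per PID up to pid_max, which takes a few seconds in Python when pid_max is at its 4194304 maximum.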