swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purposes. It automates swap extraction and searches...
Hindsight is a free tool for analyzing web artifacts. It started with the browsing history of the Google Chrome web browser and...
WEFFLES is designed to be small and lightweight, both for speed of getting something deployed during an Incident Response and also for...
Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask. Capabilities ps View full process list Inspect process memory map...
Some work has already been published on the security of cryptographic keys within DRAM. Basically, we need to find something that looks like...
This tool is designed to manipulate FAT filesystems in order to explore, extract, repair, recover and forensically analyze them. It currently supports FAT12,...
Trape is a recognition tool that allows you to track people; the information you can get is very detailed. We want to...
srum-dump: This program will create an Excel spreadsheet containing forensics artifacts contained in the SRUM (System Resource Utilization Manager) database. The program can...
The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another....
Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable....
OS X Auditor is a free Mac OS X computer forensics tool. OS X Auditor parses and hashes the following artifacts on...