ciphertechsolutions / IO
Simple Imaging. Tactical Triage. Zero Clicks.
☆18 · Updated 6 years ago
Related projects:
- Different DFIR and CTI utilities ☆35 · Updated 4 years ago
- Checks with NSRL RDS servers looking for hash matches ☆111 · Updated 3 years ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage. ☆26 · Updated 4 years ago
- Example programs used in the automating DFIR series ☆64 · Updated 5 years ago
- A DFVFS Backed Forensic Viewer ☆38 · Updated 4 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o… ☆35 · Updated 5 years ago
- A collection of typical false positive indicators ☆54 · Updated 3 years ago
- InvestigationPlaybookSpec ☆72 · Updated 6 years ago
- AFF4 Standard Documents ☆25 · Updated 2 years ago
- Command line utility and Python package to ease the (un)mounting of forensic disk images ☆116 · Updated last year
- Python script to batch query the Tor Relays and Bridges ☆36 · Updated 5 years ago
- ☆82 · Updated last year
- PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts ☆56 · Updated 3 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images. ☆21 · Updated 5 years ago
- References for FIRST CTI 2019 Symposium presentation ☆23 · Updated 5 years ago
- ☆20 · Updated 6 years ago
- Bot to create MISP events from data in Slack ☆17 · Updated 8 months ago
- A Windows Event Processing Utility ☆46 · Updated 6 years ago
- ☆16 · Updated this week
- stoQ Public Plugins ☆71 · Updated last year
- CDPO is a tool to validate, de-duplicate, combine, query, and encrypt track data recovered from a breach. ☆15 · Updated 7 years ago
- Expert Investigation Guides ☆50 · Updated 3 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails. ☆67 · Updated 10 months ago
- ForGe Forensic test image generator ☆33 · Updated 9 years ago
- Python IOC Editor ☆61 · Updated 9 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information. ☆20 · Updated 5 years ago
- Parses IE's Automatic Crash Recovery Files ☆16 · Updated 7 years ago
- A set of templates for documenting threat intelligence ☆72 · Updated 11 years ago
- AttackMatrix is a Python module and/or webpage to interact with and explore MITRE's ATT&CK's matrices. ☆17 · Updated last year
- Community modules for FAME ☆63 · Updated 2 weeks ago