fox-it / acquire
acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
☆95Updated this week
Alternatives and similar repositories for acquire:
Users that are interested in acquire are comparing it to the libraries listed below
- Digital Forensics Artifacts Knowledge Base☆78Updated 9 months ago
- A curated list of KAPE-related resources☆163Updated 10 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆97Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆65Updated last year
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆92Updated last year
- ☆5Updated 4 months ago
- Logbook for Digital Forensics and Incident Response☆50Updated 8 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆107Updated last year
- A python script developed to process Windows memory images based on triage type.☆260Updated last year
- Windows Forensics Environment Builder☆131Updated 2 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆117Updated last year
- Forensic Artifact Collection Tool Matrix☆84Updated 4 months ago
- Repository of public reference frameworks for the DFIR community.☆115Updated last year
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆153Updated 3 months ago
- Hunt malware with Volatility☆48Updated 10 months ago
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆78Updated 2 months ago
- Chrome Logs Events and Protobuf Parser☆38Updated 2 years ago
- Incident Response documents and tooling☆69Updated last year
- A GeoIP lookup utility utilizing ipinfo.io services.☆84Updated last year
- A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources t…☆54Updated 3 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆52Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Updated last year
- Documentation site for Velociraptor☆43Updated this week
- ☆64Updated 2 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆55Updated last month
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆111Updated last year
- A PowerShell incident response script for quick triage☆80Updated 2 years ago
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆57Updated 3 months ago
- Blueteam operational triage registry hunting/forensic tool.☆145Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated last month