fox-it / acquire
acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
☆96Updated this week
Alternatives and similar repositories for acquire:
Users that are interested in acquire are comparing it to the libraries listed below
- Digital Forensics Artifacts Knowledge Base☆78Updated 9 months ago
- ☆5Updated 4 months ago
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆66Updated last year
- A curated list of KAPE-related resources☆163Updated 10 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆107Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆52Updated last year
- A python script developed to process Windows memory images based on triage type.☆260Updated last year
- Repository of public reference frameworks for the DFIR community.☆115Updated last year
- Windows Forensics Environment Builder☆130Updated 2 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆97Updated last year
- Logbook for Digital Forensics and Incident Response☆50Updated 8 months ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆92Updated last year
- Incident Response documents and tooling☆69Updated last year
- Automagically extract forensic timeline from volatile memory dump☆128Updated 10 months ago
- A GeoIP lookup utility utilizing ipinfo.io services.☆84Updated last year
- Forensic Artifact Collection Tool Matrix☆82Updated 4 months ago
- The Windows Malware Analysis Reversing Core Tools☆92Updated 4 years ago
- ☆67Updated 3 months ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆55Updated last month
- ☆48Updated last week
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆153Updated 9 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆153Updated 3 months ago
- Hunt malware with Volatility☆48Updated 10 months ago
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportu…☆204Updated last month
- A PowerShell incident response script for quick triage☆80Updated 2 years ago
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆198Updated 4 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆278Updated 6 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated last month
- The Threat Actor Profile Guide for CTI Analysts☆107Updated last year
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆111Updated last year