Category Archives: Incident Response

GoAccess – Real-time Web Log Analyzer and Viewer

GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal on *nix systems or through your browser.

USN Analytics – Tool to Analyze USN Journal

USN Analytics is a tool that specializes in USN Journal ($UsnJrnl:$J) analysis. The USN journal is an internal system list of the NTFS file system

IntelMQ – Framework to Collect and Process Security Feeds

IntelMQ is a solution for IT security teams (CERTs & CSIRTs, SOCs, abuse departments, etc.) for collecting and processing security feeds.

DMDE – DM Disk Editor and Data Recovery Software

DMDE is a powerful software for data searching, editing, and recovery on disks. It may recover directory structure and files in some complicated cases.

LNAV – Advanced Terminal Log File Viewer

LNAV, the Logfile Navigator, is an enhanced log file viewer that takes advantage of any semantic information that can be gleaned

RegistryChangesView – Tool to Identify Registry Modification

RegistryChangesView is a tool for Windows that allows you to take a snapshot of the Windows Registry and later compare it with another Registry snapshot

Grapl – Graph platform for Detection and Response

Grapl is a Graph Platform for Detection and Response with a focus on helping Detection Engineers and Incident Responders stop fighting their data.