Category Archives: Incident Response
GoAccess – Real-time Web Log Analyzer and Viewer
GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal on *nix systems or through your browser.
USN Analytics -Tool to Analyze USN Journal
USN Analytics is a tool that specializes in USN Journal ($UsnJrnl:$J) analysis. USN journal is an internal system list of the NTFS file system
IntelMQ – Framework to Collect and Process Security Feeds
IntelMQ is a solution for IT security teams (CERTs & CSIRTs, SOCs, abuse departments, etc.) for collecting and processing security feeds.
DMDE – DM Disk Editor and Data Recovery Software
DMDE is a powerful software for data searching, editing, and recovery on disks. It may recover directory structure and files in some complicated cases.
LNAV – Advanced Terminal Log File Viewer
LNAV - The Logfile Navigator, is an enhanced log file viewer that takes advantage of any semantic information that can be gleaned
RegistryChangesView – Tool to Identify Registry Modification
RegistryChangesView is a tool for Windows that allows you to take a snapshot of Windows Registry and later compare it with another Registry snapshots
Grapl – Graph platform for Detection and Response
Grapl is a Graph Platform for Detection and Response with a focus on helping Detection Engineers and Incident Responders stop fighting their data.
