Tag Archives: Incident Handling
PatrOwl – Scalable Security Orchestration Platform
PatrOwl is an advanced platform for orchestrating Security Operations like Penetration testing, Vulnerability Assessment, Code review, Compliance checks, Cyber-Threat Intelligence / Hunting and SOC & DFIR Operations.
mXtract – Offensive Memory Extractor & Analyzer
mXtract is a tool that analyzes and dumps memory. It is developed and its purpose to scan memory for private keys, ips, and passwords using regexes
Kirjuri – Web application to Manage Forensic Evidence
Kirjuri is a digital forensic evidence item management system. It is a web application designed to help forensic teams manage, track and report devices delivered for forensic examination.
NTFS Log Tracker – Tool to Parse NTFS Logs
NTFS Log Tracker is a tool that can parse $LogFile, $UsnJrnl of NTFS.A input of this tool is sample file extracted by another tool like Encase, Winhex.
MIG – Real-time IR and Investigation Platform
Mozilla Investigator MIG is a platform to perform investigative surgery on remote endpoints.
Threat_Note – Lightweight Investigation Notebook
Threat_Note is a web application built to allow security researchers the ability to add and retrieve indicators related to their research.
ProcDOT – Tool to Process Procmon and PCAP Logs
ProcDOT is a tool that process Sysinternals Process Monitor (Procmon) logfiles and PCAP-logs (Windump, Tcpdump) to generate a graph via the GraphViz suite.
