Tag Archives: Incident Handling
mXtract – Offensive Memory Extractor & Analyzer
mXtract is a tool that analyzes and dumps memory. It is developed and its purpose to scan memory for private keys, ips, and passwords using regexes
Kirjuri – Web application to Manage Forensic Evidence
Kirjuri is a digital forensic evidence item management system. It is a web application designed to help forensic teams manage, track and report devices delivered for forensic examination.
NTFS Log Tracker – Tool to Parse NTFS Logs
NTFS Log Tracker is a tool that can parse $LogFile, $UsnJrnl of NTFS.A input of this tool is sample file extracted by another tool like Encase, Winhex.
MIG – Real-time IR and Investigation Platform
Mozilla Investigator MIG is a platform to perform investigative surgery on remote endpoints.
Threat_Note – Lightweight Investigation Notebook
Threat_Note is a web application built to allow security researchers the ability to add and retrieve indicators related to their research.
ProcDOT – Tool to Process Procmon and PCAP Logs
ProcDOT is a tool that process Sysinternals Process Monitor (Procmon) logfiles and PCAP-logs (Windump, Tcpdump) to generate a graph via the GraphViz suite.
HashMyFiles – Calculate MD5/SHA1/CRC32 Files Hashes
HashMyFiles is small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in your system. You can easily copy the MD5/SHA1 hashes list into the clipboard, or save them into text/html/xml file.
