Tag Archives: Incident Handling

PatrOwl – Scalable Security Orchestration Platform

PatrOwl is an advanced platform for orchestrating Security Operations like Penetration testing, Vulnerability Assessment, Code review, Compliance checks, Cyber-Threat Intelligence / Hunting and SOC & DFIR Operations.

mXtract – Offensive Memory Extractor & Analyzer

mXtract is a tool that analyzes and dumps memory. It is developed to scan memory for private keys, IPs, and passwords using regexes.

Kirjuri – Web application to Manage Forensic Evidence

Kirjuri is a digital forensic evidence item management system. It is a web application designed to help forensic teams manage, track and report devices delivered for forensic examination.

NTFS Log Tracker – Tool to Parse NTFS Logs

NTFS Log Tracker is a tool that can parse the $LogFile and $UsnJrnl of NTFS. The input to this tool is a sample file extracted by another tool such as EnCase or WinHex.

MIG – Real-time IR and Investigation Platform

Mozilla Investigator MIG is a platform to perform investigative surgery on remote endpoints.

Threat_Note – Lightweight Investigation Notebook

Threat_Note is a web application built to let security researchers add and retrieve indicators related to their research.

ProcDOT – Tool to Process Procmon and PCAP Logs

ProcDOT is a tool that processes Sysinternals Process Monitor (Procmon) logfiles and PCAP logs (Windump, Tcpdump) to generate a graph via the GraphViz suite.