Tag Archives: Incident Response

mXtract – Offensive Memory Extractor & Analyzer

mXtract is a tool that analyzes and dumps memory. It is developed and its purpose to scan memory for private keys, ips, and passwords using regexes

Kirjuri – Web application to Manage Forensic Evidence

Kirjuri is a digital forensic evidence item management system. It is a web application designed to help forensic teams manage, track and report devices delivered for forensic examination.

NTFS Log Tracker – Tool to Parse NTFS Logs

NTFS Log Tracker is a tool that can parse $LogFile, $UsnJrnl of NTFS.A input of this tool is sample file extracted by another tool like Encase, Winhex.

Ostinato – Network Traffic Generator

Ostinato is a packet generator and network traffic generator with a friendly GUI. Also a powerful Python API for network test automation. Craft and send packets of several streams with different protocols at different rates.

MultiTail – Monitor Multiple Files Simultaneously

MultiTail allows you to monitor logfiles and command output in multiple windows in a terminal, colorize, filter and merge.

MIG – Real-time IR and Investigation Platform

Mozilla Investigator MIG is a platform to perform investigative surgery on remote endpoints.

MozDef – Mozilla Enterprise Defense Platform

The Mozilla Enterprise Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers.