Manage loki scans over a large network.
Updated Dec 9, 2020 - PowerShell
Faster & Better Way to analyze the EML Files
This script gathers a large part of the information that is usually collected from a Linux system for a forensic examination or analysis. In addition, all of the information is signed with SHA256.
Toolset to analyze disks encrypted with McAfee FDE technology
This script is designed to pull data from the Carbon Black Cloud. One disadvantage of the CBC GUI is the inability to see the command line for each process in bulk. Instead, you need to click on each process individually. This spits out the command line so you can quickly spot evil.
Confirm file type by matching the magic signature ("number").
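As an added illustration of the technique named above (example code written for this page, not code from the listed project), the following checks a file's magic bytes against a small constructed signature table and flags files whose extension does not match what the header says they are. The signature table is an assumption for demonstration: a handful of well-known magic numbers, including one (ISO 9660) whose marker sits at a non-zero offset.

```python
"""Confirm a file's type from its magic bytes rather than its extension.

Added example for the dfir-automation topic page; not code from any listed
project. SIGNATURES is a constructed subset of well-known magic numbers.
"""
import os
import tempfile
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    name: str
    offset: int          # byte offset at which the magic must appear
    magic: bytes
    extensions: tuple    # extensions for which this type is expected


# Offsets matter: an ISO image carries its "CD001" marker at 0x8001, not at 0.
SIGNATURES = (
    Signature("PNG", 0, b"\x89PNG\r\n\x1a\n", (".png",)),
    Signature("PDF", 0, b"%PDF-", (".pdf",)),
    Signature("ZIP", 0, b"PK\x03\x04", (".zip", ".docx", ".xlsx", ".jar", ".apk")),
    Signature("GZIP", 0, b"\x1f\x8b", (".gz", ".tgz")),
    Signature("PE/MZ", 0, b"MZ", (".exe", ".dll", ".sys")),
    Signature("ELF", 0, b"\x7fELF", (".elf", ".so", "")),
    Signature("ISO9660", 0x8001, b"CD001", (".iso",)),
)


def identify(path: str):
    """Return the first matching Signature for `path`, or None if none matched."""
    need = max(s.offset + len(s.magic) for s in SIGNATURES)
    with open(path, "rb") as fh:
        head = fh.read(need)          # read only as much as the deepest magic needs
    for sig in SIGNATURES:
        end = sig.offset + len(sig.magic)
        if len(head) >= end and head[sig.offset:end] == sig.magic:
            return sig
    return None


def check_file(path: str) -> dict:
    """Compare the detected type against the type the extension claims."""
    sig = identify(path)
    ext = os.path.splitext(path)[1].lower()
    return {
        "path": path,
        "detected": sig.name if sig else None,
        "extension": ext,
        # A recognised header paired with a foreign extension is the case
        # worth a second look (e.g. a PE executable named like a document).
        "mismatch": sig is not None and ext not in sig.extensions,
    }


def run_demo() -> list:
    """Write constructed sample files to a temp dir and check each one."""
    samples = {
        "photo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "invoice.pdf": b"MZ\x90\x00" + b"\x00" * 60,         # PE disguised as a PDF
        "notes.txt": b"just some text\n",                    # no known magic
        "image.iso": b"\x00" * 0x8001 + b"CD001" + b"\x00" * 16,
    }
    results = []
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(data)
            result = check_file(path)
            result["path"] = name
            results.append(result)
    return results


if __name__ == "__main__":
    for r in run_demo():
        print(f"{r['path']:<12} {str(r['detected']):<8} {'MISMATCH' if r['mismatch'] else 'ok'}")
```

Only files whose header matches a known type are flagged; a file with no recognised magic is reported as unknown rather than as a mismatch, since an unknown header says nothing about whether the extension is lying.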
🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS through playbook automation and seamless integrations. Easily extensible and in active development. Join us in building a tool geared towards enhancing security efficiency!
Scripts automating computer forensics for Windows and Linux
Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids
CLI generator for Velociraptor offline collector
AutoParser is a forensic tool for parsing offline registry hives.
Mac PenTesting & Digital Forensics Collection
Create a timeline of files in a folder.
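As an added illustration of folder timelining (example code written for this page, not code from the listed project), the following walks a directory and emits one row per distinct timestamp per file with MACB flags in the style of a mactime listing. The sample folder and its back-dated timestamps are constructed for the demo; the birth ("B") column is filled only where the platform exposes `st_birthtime`.

```python
"""Build a MACB-style timeline of the files under a folder.

Added example for the dfir-automation topic page; not code from any listed
project. Timestamps come from os.lstat(); "B" is present only where the
platform exposes st_birthtime.
"""
import os
import tempfile
from datetime import datetime, timezone


def collect_events(root: str) -> list:
    """Return (epoch_seconds, macb_flags, relative_path, size) rows sorted by time.

    One row per distinct (whole-second) timestamp per file; the flags mark
    which of M(odified), A(ccessed), C(hanged metadata), B(irth) fall on it.
    """
    rows = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                st = os.lstat(full)       # lstat: report the link, do not follow it
            except OSError:
                continue                  # vanished or unreadable: skip, don't abort
            rel = os.path.relpath(full, root)
            stamps = {"M": st.st_mtime, "A": st.st_atime, "C": st.st_ctime}
            birth = getattr(st, "st_birthtime", None)
            if birth is not None:
                stamps["B"] = birth
            by_time = {}
            for flag, ts in stamps.items():
                by_time.setdefault(int(ts), []).append(flag)
            for ts, flags in by_time.items():
                macb = "".join(f if f in flags else "." for f in "MACB")
                rows.append((ts, macb, rel, st.st_size))
    rows.sort(key=lambda r: (r[0], r[2]))
    return rows


def format_timeline(rows) -> str:
    """Render rows as 'YYYY-MM-DD HH:MM:SSZ MACB size path' lines (UTC)."""
    lines = []
    for ts, macb, rel, size in rows:
        when = datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")
        lines.append(f"{when}Z {macb} {size:>8} {rel}")
    return "\n".join(lines)


def run_demo() -> list:
    """Constructed sample folder: two files with back-dated atime/mtime."""
    with tempfile.TemporaryDirectory() as tmp:
        specs = {
            "logs/auth.log": (1700000000, 1600000000),     # (atime, mtime)
            "tmp/payload.bin": (1600000100, 1600000100),
        }
        for rel, (atime, mtime) in specs.items():
            path = os.path.join(tmp, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(b"x" * 32)
            os.utime(path, (atime, mtime))   # ctime cannot be set and stays "now"
        return collect_events(tmp)


if __name__ == "__main__":
    print(format_timeline(run_demo()))
```

Because ctime cannot be back-dated from user space, a file whose M and A times are old but whose C time is recent is exactly the pattern that timestomping leaves behind; grouping by timestamp makes that split visible as two rows for the same path.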
Binalyze AIR and Carbon Black Cloud Integration
Ingest and query NIST NSRL Reference Data Sets in Elasticsearch with Python tools and libraries.
Sabonis, a Digital Forensics and Incident Response pivoting tool
Resources for DFIR. And more.