Tag Archives: Forensics

DFIRtriage – Windows-based Incident Response Tool

DFIRtriage is a tool intended to provide incident responders with rapid host data. Written in Python, the code has been compiled into a standalone executable to remove the dependency on a Python installation on the target host.

Internet History Browser – Tool to Review Browsing History

Internet History Browser collects and displays internet browsing history in a comprehensive interface with a powerful filtering engine. You can trace and review all website visits on a system (your own or someone else's), including the date and time of each visit and the browser used.

Cyber Triage – Practical Endpoint Response

Cyber Triage is an incident response framework that investigates remote systems and endpoints by pushing a collection of tools over the network.

pcapfex – Packet CAPture Forensic Evidence eXtractor

pcapfex (Packet CAPture Forensic Evidence eXtractor) is a tool that finds and extracts files from packet capture files.

ProcDOT – Tool to Process Procmon and PCAP Logs

ProcDOT is a tool that processes Sysinternals Process Monitor (Procmon) log files and PCAP logs (WinDump, tcpdump) to generate a graph via the GraphViz suite.

Cyphon – Incident Management and Response Platform

Cyphon is an incident response platform that receives, processes, and triages events to create a more efficient analytic workflow.

Timesketch – Collaborative Forensic Timeline Analysis

Timesketch is an open source tool for collaborative forensic timeline analysis.