SysmonSearch – Investigate suspicious activity by visualizing Sysmon’s event log

SysmonSearch makes event log analysis more effective and less time-consuming by aggregating and visualizing the event logs generated by Microsoft's Sysmon.
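The aggregation SysmonSearch performs is easy to sketch: Sysmon writes into the standard Windows event schema, so an export can be parsed, rolled up per image, and inspected for parent/child lineage. The following is an added example, not SysmonSearch's own code. It parses a constructed XML export (hypothetical hosts, paths and addresses, in the shape `wevtutil qe Microsoft-Windows-Sysmon/Operational /f:xml` produces), counts events per (EventID, image), tallies which parent spawned which child for process-creation events, and flags Office applications launching script interpreters. The `OFFICE_APPS` and `SCRIPT_HOSTS` sets are this example's own illustrative choice of names.

```python
import ntpath
import xml.etree.ElementTree as ET
from collections import Counter

# Sysmon records use the standard Windows event schema namespace.
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample export (hypothetical hosts, paths and addresses), in the shape
# `wevtutil qe Microsoft-Windows-Sysmon/Operational /f:xml` produces.
SAMPLE_EVENTS = r"""<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>1</EventID><Computer>WS01</Computer></System>
  <EventData>
    <Data Name="Image">C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</Data>
    <Data Name="CommandLine">powershell -nop -w hidden -enc SQBFAFgA</Data>
    <Data Name="ParentImage">C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE</Data>
  </EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>1</EventID><Computer>WS01</Computer></System>
  <EventData>
    <Data Name="Image">C:\Windows\System32\cmd.exe</Data>
    <Data Name="CommandLine">cmd.exe /c whoami</Data>
    <Data Name="ParentImage">C:\Windows\explorer.exe</Data>
  </EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>3</EventID><Computer>WS01</Computer></System>
  <EventData>
    <Data Name="Image">C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</Data>
    <Data Name="DestinationIp">203.0.113.5</Data>
    <Data Name="DestinationPort">443</Data>
  </EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>1</EventID><Computer>WS02</Computer></System>
  <EventData>
    <Data Name="Image">C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</Data>
    <Data Name="CommandLine">powershell -ep bypass -f C:\Users\Public\inv.ps1</Data>
    <Data Name="ParentImage">C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE</Data>
  </EventData>
</Event>
</Events>"""


def parse_events(xml_text):
    """Return one dict per <Event>: event_id, computer, plus every <Data Name=...> field."""
    root = ET.fromstring(xml_text)
    events = []
    for ev in root.iter("{%s}Event" % NS["e"]):
        rec = {
            "event_id": int(ev.findtext("e:System/e:EventID", namespaces=NS)),
            "computer": ev.findtext("e:System/e:Computer", namespaces=NS),
        }
        for d in ev.findall("e:EventData/e:Data", NS):
            rec[d.get("Name")] = d.text or ""
        events.append(rec)
    return events


def image_name(path):
    """Lower-cased file name of a Windows path, so one binary aggregates under one key."""
    return ntpath.basename(path).lower()


def count_by_image(events):
    """Occurrences of each (EventID, image) pair: the basic roll-up for a host."""
    return Counter((e["event_id"], image_name(e.get("Image", ""))) for e in events)


def parent_child_pairs(events):
    """Process-creation (EventID 1) lineage: which parent spawned which child, how often."""
    return Counter(
        (image_name(e.get("ParentImage", "")), image_name(e.get("Image", "")))
        for e in events if e["event_id"] == 1
    )


# Illustrative name sets chosen for this example (not a vendor list).
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}


def office_spawning_script_host(events):
    """EventID 1 records where an Office application launched a script interpreter."""
    return [
        e for e in events
        if e["event_id"] == 1
        and image_name(e.get("ParentImage", "")) in OFFICE_APPS
        and image_name(e.get("Image", "")) in SCRIPT_HOSTS
    ]


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    for (eid, img), n in count_by_image(evs).most_common():
        print("EventID %d %-16s %d" % (eid, img, n))
    for (parent, child), n in parent_child_pairs(evs).most_common():
        print("%s -> %s: %d" % (parent, child, n))
    for e in office_spawning_script_host(evs):
        print("ALERT", e["computer"], image_name(e["ParentImage"]), "->", e["CommandLine"])
```

Keying on the lower-cased basename matters because the same binary appears under mixed case and from different paths across hosts; without that normalisation the roll-up fragments and the Office-to-PowerShell pattern is easy to miss in the counts.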

FIR – Fast Incident Response Tool

FIR is a tool that collects different artifacts from a live Linux system and records the results in CSV files. Analysing these artifacts allows a compromise to be detected early.

DEFT – Live CD for Forensic Analysis

DEFT (acronym for Digital Evidence & Forensics Toolkit) is a distribution made for computer forensics, with the purpose of running live on systems without tampering with or corrupting the devices (hard disks, pen drives, etc.) connected to the PC where the boot process

WhatWaf – Detect and bypass web application firewalls

WhatWaf is an advanced firewall detection tool whose goal is to answer the question "Is there a WAF?". WhatWaf works by detecting a firewall in front of a web application and attempting to find a bypass (or two) for that firewall,

Heralding – Credentials catching honeypot

Heralding is a low-interaction honeypot that lets the user emulate several protocols and captures the credentials presented to them.

DetectionLab – Lab environment with complete security tooling

DetectionLab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online

SniffAir – A framework for wireless pentesting

SniffAir is an open-source wireless security framework which provides the ability to easily parse passively collected wireless data as well as launch sophisticated wireless attacks.