
artifactcollector

Free

The artifactcollector project provides software that collects forensic artifacts from systems. These artifacts can be used in forensic investigations to understand attacker behavior on compromised computers.

Features:
* Runs on Windows, Linux, and macOS
* Can extract files, directories, registry entries, command output, and WMI output
* Uses configurable and extensible Forensic Artifacts definitions
* Creates a forensicstore as structured output
* Open source and free for everyone (including commercial use)

Installation:
* Download a release from https://github.com/forensicanalysis/artifactcollector/releases, or clone the repository and install with go install .

Get artifacts and process forensicstores:
* Extract raw artifacts or process collected data using elementary.

ALTERNATIVES

A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.

ForensicMiner, Redefine DFIR Automations

PowerForensics is a PowerShell digital forensics framework for hard drive forensic analysis.

Universal hexadecimal editor for computer forensics, data recovery, and IT security.

A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.

A command-line tool for searching and extracting strings from files with various options like ASCII and Unicode string search.

Automated tool for parsing Windows registry hives and extracting valuable information for forensic analysis.

usbdeath is an anti-forensic tool that manipulates udev rules for known USB devices and performs actions on unknown USB device insertion or specific USB device removal.