
The artifactcollector project provides software that collects forensic artifacts on systems. These artifacts can be used in forensic investigations to understand attacker behavior on compromised computers.

Features:
* Runs on Windows, Linux, and macOS
* Can extract files, directories, registry entries, command and WMI output
* Uses configurable and extensible Forensics Artifacts
* Creates a forensicstore as structured output
* It's open source and free for everyone (including commercial use)

Installation:
* Download from https://github.com/forensicanalysis/artifactcollector/releases or clone the repository and install using go install .

Get artifacts & process forensicstores:
* Extract raw artifacts or process collected data using elementary.


ALTERNATIVES

libevt is a library to access and parse Windows Event Log (EVT) files.

A powerful OSINT tool for creating custom templates for data extraction and analysis

A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.

A cybersecurity tool for collecting and analyzing forensic artifacts on live systems.

A library and tools for accessing and analyzing Linux Logical Volume Manager (LVM) volume system format.

mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.

A tool for discovering, analyzing, and remedying sensitive data

Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.
