
artifactcollector

Free

The artifactcollector project provides software that collects forensic artifacts on systems. These artifacts can be used in forensic investigations to understand attacker behavior on compromised computers.

Features:

* Runs on Windows, Linux, and macOS
* Can extract files, directories, registry entries, command and WMI output
* Uses configurable and extensible Forensics Artifacts
* Creates a forensicstore as structured output
* It's open source and free for everyone (including commercial use)

Installation:

* Download from https://github.com/forensicanalysis/artifactcollector/releases or clone the repository and install using go install .

Get artifacts & process forensicstores:

* Extract raw artifacts or process collected data using elementary.


ALTERNATIVES

dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.

A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.

A free, open source collection of tools for forensic artifact and image analysis.

Customizable live OS constructor tool for remote forensics and incident response.

ForensicMiner, Redefine DFIR Automations

Windows event log fast forensics timeline generator and threat hunting tool.

A recognition framework for identifying products, services, operating systems, and hardware by matching fingerprints against network probes.

DFIR ORC Documentation provides detailed instructions for setting up the build environment and deploying the tool.

CyberSecTools


Copyright © 2024 - All rights reserved