The CDQR tool uses Plaso to parse forensic artifacts and/or disk images with specific parsers, creating easy-to-analyze custom reports that group similar items together, following the Live Response Model for investigations. It generates up to 18 reports based on triaging best practices and parsing options, making it a valuable starting point for forensic analysis.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.
A library for accessing and parsing Windows NT Registry File (REGF) format files, designed for digital forensics and registry analysis applications.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.