The CDQR tool uses Plaso to parse forensic artifacts and/or disk images with specific parsers, creating easy-to-analyze custom reports that group similar items together, following the Live Response Model for investigations. It generates up to 18 reports based on triaging best practices and parsing options, making it a valuable starting point for forensic analysis.
ALTERNATIVES
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
Forensic imaging program with full hash authentication and various acquisition options.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
Windows event log fast forensics timeline generator and threat hunting tool.
A shell script for basic forensic collection of various artefacts from UNIX systems.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
Automated tool for parsing Windows registry hives and extracting valuable information for forensic analysis.