
DFIR ORC

Free

Build

Branches: main, release/10.1, release/10.2

Requirements:

- Visual Studio
  - From 2017 to 2022
  - English only (vcpkg limitation)
  - Use this installer configuration or alternatively use vstools
  - Check also 'Desktop development with C++'
- Kitware's CMake >= 3.25 or Visual Studio integrated version

The build environment can be set up quickly using Microsoft's developer virtual machines. Import this .vsconfig from Visual Studio Installer.

Commands:

- Both 32-bit and 64-bit versions should be built for maximum compatibility before deployment.
- See https://dfir-orc.github.io for more details about deployment and configuration.

In a prompt like Developer Command Prompt for VS 2019 (prefer to avoid using cmd.exe):

    git clone --recursive https://github.com/dfir-orc/dfir-orc.git
    cd dfir-orc
    mkdir build-x86 build-x64

    cd build-x86
    cmake -G "Visual Studio 17 2022" -A Win32 -T v141_xp ..
    cmake --build . --config MinSizeRel -- -maxcpucount

    cd ../build-x64
    cmake -G "Visual Studio 17 2022" -A x64 -T v141_xp ..
    cmake --build . --config MinSizeRel -- -maxcpucount

The -T v141_xp option allows compatibility with Windows XP SP2 and later; it can safely be removed if not needed.

FEATURES

ALTERNATIVES

A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.

Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.

Second-order subdomain takeover scanner

Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.

A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.

Tool for parsing NTFS journal files, $Logfile, and $MFT.

A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.

A forensic research tool for gathering forensic traces on Android and iOS devices, supporting the use of public indicators of compromise.