Diffy has been deprecated at Netflix. This software is no longer maintained or supported. Diffy is a digital forensics and incident response (DFIR) tool that was developed by Netflix's Security Intelligence and Response Team (SIRT). Diffy allows a forensic investigator to quickly scope a compromise across cloud instances during an incident, and triage those instances for followup actions. Diffy is currently focused on Linux instances running within Amazon Web Services (AWS), but owing to our plugin structure, could support multiple platforms and cloud providers. It's called "Diffy" because it helps a human investigator to identify the differences between instances, and because Alex pointed out that "The Difforensicator" was unnecessarily tricky. See Releases for recent changes. See our Read the Docs site for well-formatted documentation. Supported Technologies: AWS (AWS Systems Manager / SSM), Local osquery. Each technology has its own plugins for targeting, collection, and persistence. Features: Efficiently highlights outliers in security-relevant instance behavior. For example, you can use Diffy to tell you which of your instances are listening on an unexpected port.
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
A tool for triaging crash files with various output formats and debugging engine options.
Malscan is a tool to scan process memory for YARA matches and execute Python scripts.
Python script to parse macOS MRU plist files into human-friendly format
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.