Diffy (DEPRECATED)
0
Free
Diffy has been deprecated at Netflix. This software is no longer maintained or supported. Diffy is a digital forensics and incident response (DFIR) tool that was developed by Netflix's Security Intelligence and Response Team (SIRT). Diffy allows a forensic investigator to quickly scope a compromise across cloud instances during an incident, and triage those instances for followup actions. Diffy is currently focused on Linux instances running within Amazon Web Services (AWS), but owing to our plugin structure, could support multiple platforms and cloud providers. It's called "Diffy" because it helps a human investigator to identify the differences between instances, and because Alex pointed out that "The Difforensicator" was unnecessarily tricky. See Releases for recent changes. See our Read the Docs site for well-formatted documentation. Supported Technologies: AWS (AWS Systems Manager / SSM), Local osquery. Each technology has its own plugins for targeting, collection, and persistence. Features: Efficiently highlights outliers in security-relevant instance behavior. For example, you can use Diffy to tell you which of your instances are listening on an unexpected port.
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.
A powerful tool for analyzing and visualizing system activity timelines.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
Digital investigation tool for extracting forensic data from computers and managing investigations.
Exiv2 is a C++ library and command-line utility for image metadata manipulation.
Turbinia is an open-source framework for automating the running of common forensic processing tools to help with processing evidence in the Cloud.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security