Docker Forensics Toolkit
This toolkit allows for post-mortem analysis of Docker runtime environments using forensic HDD copies of the docker host system. Features include mounting forensic images, displaying status information, listing images and containers, showing image history and configuration, displaying container logs, mounting container file systems, and extracting file system metadata for creating timelines.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
A command-line tool for searching and extracting strings from files with various options like ASCII and Unicode string search.
A tool for triaging crash files with various output formats and debugging engine options.
A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.
Developing APIs to access memory on industrial control system devices.
usbdeath is an anti-forensic tool that manipulates udev rules for known USB devices and performs actions on unknown USB device insertion or specific USB device removal.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
Tool for parsing Android logs events and protobuf data
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.