Dshell
An extensible network forensic analysis framework that enables rapid development of plugins to support the dissection of network packet captures. Key features include deep packet analysis using specialized plugins, robust stream reassembly, IPv4 and IPv6 support, multiple user-selectable output formats, chainable plugins, parallel processing option, and the ability to create custom output handlers. It also provides guides such as the Dshell User Guide for installation and analysis, and the Dshell Developer Guide for plugin development. Requirements include Linux (developed on Ubuntu 20.04 LTS), Python 3 (developed with Python 3.8.10), pypacker, pcapy-ng, pyOpenSSL, and MaxMind GeoIP2 for geoip2.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
Powerful tool for searching and hunting through Windows forensic artefacts with support for Sigma detection rules and custom Chainsaw detection rules.
A collection of tools for extracting and analyzing information from .git repositories
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.