An extensible network forensic analysis framework that enables rapid development of plugins to support the dissection of network packet captures. Key features include deep packet analysis using specialized plugins, robust stream reassembly, IPv4 and IPv6 support, multiple user-selectable output formats, chainable plugins, a parallel processing option, and the ability to create custom output handlers. It also provides guides: the Dshell User Guide for installation and analysis, and the Dshell Developer Guide for plugin development. Requirements include Linux (developed on Ubuntu 20.04 LTS), Python 3 (developed with Python 3.8.10), pypacker, pcapy-ng, pyOpenSSL, and geoip2 (MaxMind GeoIP2).
ALTERNATIVES
A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.
Customizable live OS constructor tool for remote forensics and incident response.
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
LiME is a Linux Memory Extractor tool for acquiring volatile memory from Linux and Linux-based devices, including Android, with features like full memory captures and minimal process footprint.
A tool for extracting files from packet capture files with ease of use and extensibility for Python developers.
Dissect is a digital forensics & incident response framework that simplifies the analysis of forensic artefacts from various disk and file formats.