Factual Rules Generator
Factual Rules Generator is an open source project that generates YARA rules about installed software from a running operating system. The software aims to use a set of rules against collected digital forensic evidences to find installed software efficiently. It can be used to baseline known software from Windows systems and create rules for identifying similar installations on other systems. Dependencies include pefile, psutil, ndjson, python-tlsh, PyInstaller, ssdeep, and additional tools like xxd and curl.
FEATURES
ALTERNATIVES
Collects and organizes Linux OS data for detailed analysis and incident response.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
A cybersecurity tool for collecting and analyzing forensic artifacts on live systems.
DFIR ORC Documentation provides detailed instructions for setting up the build environment and deploying the tool.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.