FastFinder

FastFinder is a lightweight tool designed for threat hunting, live forensics, and triage on both Windows and Linux platforms. It focuses on endpoint enumeration and finding suspicious files based on criteria such as file path or name, checksums, string content matches, and YARA rules. It has been tested in real cases across multiple CERT, CSIRT, and SOC use cases, with examples covering real malware samples and vulnerability scans. Compiled releases are available, but compiling from source may be tricky because of the dependency on go-yara and the CGO build it requires.

ALTERNATIVES

An automation platform with community support and documentation for easy development.

A collaborative and open-source incident response platform for sharing observables among analysts.

An open-source incident response case management tool that provides visualization, threat intelligence lookups, and security framework mapping in a unified workspace.

A framework for accumulating, describing, and classifying actionable Incident Response techniques.

Companion repository for deploying osquery in a production environment with tailored query packs.

TheHive is a case management platform for security operations teams that facilitates incident response, threat analysis, and team collaboration.

A module-based AWS response tool for incident response in AWS environments.

Automated Digital Forensics and Incident Response (DFIR) software for rapid incident response and intrusion investigations.