Forensia
Forensia is an anti-forensics tool designed for Red Teamers to erase footprints in the post-exploitation phase, reducing payload burnout and increasing detection countdown. It can be used to test the capabilities of incident response/forensics teams by unloading Sysmon driver, Gutmann method file shredding, USNJrnl disabler, prefetch disabler, log eraser, event log disabler, user assist update time disabler, access time disabler, clear recent items, clear Shim cache, clear RecentFileCache, clear ShellBag, delete Windows Defender quarantine files, file melting capabilities, and more. It also includes an important update that adds the ability to clear recent items, Shim cache, RecentFileCache, ShellBag, and quarantine files, with upcoming features like USNJrnl execution on all disk drives, unallocated space rewriting, and further enhancements. Credits to various contributors are acknowledged.
FEATURES
ALTERNATIVES
Tool used for dumping memory from Android devices with root access requirement and forensic soundness considerations.
LiME is a Linux Memory Extractor tool for acquiring volatile memory from Linux and Linux-based devices, including Android, with features like full memory captures and minimal process footprint.
MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
Open Source computer forensics platform with modular design for easy automation and scripting.
A command-line utility for extracting human-readable text from binary files.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.