Forensia
Forensia is an anti-forensics tool designed for Red Teamers to erase footprints in the post-exploitation phase, reducing payload burnout and increasing detection countdown. It can be used to test the capabilities of incident response/forensics teams by unloading Sysmon driver, Gutmann method file shredding, USNJrnl disabler, prefetch disabler, log eraser, event log disabler, user assist update time disabler, access time disabler, clear recent items, clear Shim cache, clear RecentFileCache, clear ShellBag, delete Windows Defender quarantine files, file melting capabilities, and more. It also includes an important update that adds the ability to clear recent items, Shim cache, RecentFileCache, ShellBag, and quarantine files, with upcoming features like USNJrnl execution on all disk drives, unallocated space rewriting, and further enhancements. Credits to various contributors are acknowledged.
FEATURES
ALTERNATIVES
Analyzing WiFiConfigStore.xml file for digital forensics on Android devices.
A digital investigation platform for parsing, searching, and visualizing evidences with advanced analytics capabilities.
Create checkpoint snapshots of the state of running pods for later off-line analysis.
Yara pattern matching tool for forensic investigations with predefined rules for magic headers in files and raw images.
WinSearchDBAnalyzer can parse and recover records in Windows.edb, providing detailed insights into various data types.
A tool for collecting and analyzing screenshots from remote desktop protocols, web applications, and VNC connections.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.