Granef

Free
Granef is a toolkit for network forensics that implements graph-based analysis of network traffic data. The toolkit processes network traffic captures and stores them in a Dgraph database for analysis through a web interface.

Key components include:
- Docker container modules for data processing
- Transformation of Zeek logs from PCAP files into RDF triples
- Support for MISP threat sharing data and NetFlow traffic analysis
- Interactive web interface for exploratory data analysis
- Database schema based on Zeek log format
- Predefined queries and visualizations for network traffic analysis

The system architecture consists of:
- Extraction modules for processing input data
- Transformation modules for data conversion
- Data handling module with graph database
- API module for querying
- Web interface for analysis and visualization

ALTERNATIVES

A modified version of GNU dd with added features like hashing and fast disk wiping.

A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.

A library to access and parse Windows NT Registry File (REGF) format.

Universal hexadecimal editor for computer forensics, data recovery, and IT security.

A collection of tools for extracting and analyzing information from .git repositories.

A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.

Python forensic tool for extracting and analyzing information from Firefox, Iceweasel, and Seamonkey browsers.

Remote Acquisition Tool
