Linux Expl0rer
Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask. Capabilities: - View full process list - Inspect process memory map & fetch memory strings easily - Dump process memory in one click - Automatically search hash in public services (VirusTotal, Intezer, Analyze AlienVault OTX, MalShare) - Users list find - Search for suspicious files by name/regex - netstat - Whois - Logs: syslog, auth.log (user authentication log), ufw.log (firewall log), bash history - Anti-rootkit chkrootkit - YARA: Scan a file or directory using YARA signatures by @Neo23x0, Scan a running process memory address space, Upload your own YARA signature Requirements: Python 3.6 Installation: - wget https://github.com/intezer/linux-explorer/archive/master.zip -O master.zip - unzip master.zip - cd linux-explorer-master - ./deploy.sh Usage: Start your browser firefox http://127.0.0.1:8080 Configure API keys (optional): - nano config.py - Edit following lines: INTEZER_APIKEY = '<key>', VT_APIKEY = '<key>', OTX_APIKEY = '<key>', MALSHARE_APIKEY = '<key>' Notes: We recommend using NGINX reverse proxy with basic http auth & ssl for secure remote access. Tested with Ubuntu 16.04 Misc: "How to"
FEATURES
ALTERNATIVES
A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
Python script to parse macOS MRU plist files into human-friendly format
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.
iOSForensic is a Python tool for forensic analysis on iOS devices, extracting files, logs, SQLite3 databases, and .plist files into XML.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.