Dissect
0 (0)
Dissect is a digital forensics & incident response framework that simplifies the analysis of forensic artefacts from various disk and file formats.
MemProcFS is an easy and convenient way of viewing physical memory as files in a virtual file system. Easy trivial point and click memory analysis without the need for complicated commandline arguments! Access memory content and artifacts via files in a mounted virtual file system or via a feature rich application library to include in your own projects! Analyze memory dump files, live memory via DumpIt or WinPMEM, live memory in read-write mode from virtual machines or from PCILeech FPGA hardware devices! It's even possible to connect to a remote LeechAgent memory acquisition agent over a secured connection - allowing for remote live memory incident response - even over higher latency low band-width connections! Peek into Virtual Machines with MemProcFS, LiveCloudKd or VMware! Use your favorite tools to analyze memory - use your favorite hex editors, your python and powershell scripts, WinDbg or your favorite disassemblers and debuggers - all will work trivally with MemProcFS by just reading and writing files! Get Started! Check out the excellent quick walkthrough from 13Cubed to get going! Also check out my older conference talks from Disobey and BlueHat. For additional information, visit the official website.
Dissect is a digital forensics & incident response framework that simplifies the analysis of forensic artefacts from various disk and file formats.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
DMG2IMG is a tool for converting Apple compressed dmg archives to standard image disk files with support for zlib, bzip2, and LZFSE compression.
No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.
iOS Mobile Backup Xtractor tool for extracting iOS backups.
Customizable live OS constructor tool for remote forensics and incident response.