usbrip
A forensics tool for tracking USB device artifacts on Linux machines.
The Master File Table (MFT) contains the information related to folders and files on an NTFS system. Many forensics tools parse the MFT to display the file and folder structure, making it a valuable resource for Incident Response to quickly review systems for Indicators of Compromise (IOCs) by analyzing the MFT file.
A forensics tool for tracking USB device artifacts on Linux machines.
A powerful reverse engineering framework
A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
A reverse engineering framework with a focus on usability and code cleanliness
A python module for orchestrating content acquisitions and analysis via Amazon SSM.