Custom built application for asynchronous forensic data presentation on an Elasticsearch backend, designed to ingest Mandiant Redline 'collections' files, providing flexibility in search, stack, and tagging. The application, accompanied by a fully-fledged GOpher application, allows control over multiple investigations or hundreds of endpoints in a single pane of glass. Version 2.0, ETA March 2020, is under development with features like Docker-based installation, new UI rewrite in React, progressive and resumable triage uploading, Kibana nightHawkResponse Plugin, simplified code base with unit tests, and a simplified development environment CI/CD.
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.
A reverse engineering framework with a focus on usability and code cleanliness
Turbinia is an open-source framework for automating the running of common forensic processing tools to help with processing evidence in the Cloud.
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
A Mac OS X computer forensics tool for analyzing system artifacts, user files, and logs with reputation verification and log aggregation capabilities.