Orochi Logo

Orochi

0
Free
Visit Website

Orochi is an open source framework for collaborative forensic memory dump analysis. Using Orochi, you and your collaborators can easily organize your memory dumps and analyze them all at the same time. Orochi architecture uses Volatility 3, saves Volatility results in ElasticSearch, distributes loads among nodes using Dask, uses Django as frontend, uses Postgresql to save users and analysis metadata such as status and errors, uses MailHog to manage the users registration emails, and uses Redis for caching.

FEATURES

ALTERNATIVES

A library to access and parse Windows Shortcut File (LNK) format.

A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.

A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.

Malscan is a tool to scan process memory for YARA matches and execute Python scripts.

Online platform for image steganography analysis

A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.

An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.

GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.

PINNED