Orochi Logo

Orochi

0
Free
Visit Website

Orochi is an open source framework for collaborative forensic memory dump analysis. Using Orochi, you and your collaborators can easily organize your memory dumps and analyze them all at the same time. Orochi architecture uses Volatility 3, saves Volatility results in ElasticSearch, distributes loads among nodes using Dask, uses Django as frontend, uses Postgresql to save users and analysis metadata such as status and errors, uses MailHog to manage the users registration emails, and uses Redis for caching.

FEATURES

ALTERNATIVES

A reverse engineering framework with a focus on usability and code cleanliness

Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.

An anti-forensic Linux Kernel Module kill-switch for USB ports.

A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.

Universal hexadecimal editor for computer forensics, data recovery, and IT security.

IE10Analyzer can parse and recover records from WebCacheV01.dat, providing detailed information and conversion capabilities.

Automated Mac Forensic Triage Collector

MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.