Orochi is an open source framework for collaborative forensic memory dump analysis. Using Orochi, you and your collaborators can easily organize your memory dumps and analyze them all at the same time. Orochi architecture uses Volatility 3, saves Volatility results in ElasticSearch, distributes loads among nodes using Dask, uses Django as frontend, uses Postgresql to save users and analysis metadata such as status and errors, uses MailHog to manage the users registration emails, and uses Redis for caching.
FEATURES
SIMILAR TOOLS
An extensible network forensic analysis framework with deep packet analysis and plugin support.
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
A script to assist in creating templates for VirtualBox to enhance VM detection evasion.
ShadowCopy Analyzer is a tool for cybersecurity researchers to analyze and utilize the ShadowCopy technology for file recovery and system restoration.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
Zenduty's platform provides real-time operational health monitoring and incident response orchestration to improve incident response times and build a solid on-call culture.
A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.
A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container, aiding in digital forensic triage.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.