Penguin OS Forensic (or Flight) Recorder (POFR) is a Linux-based data collection and organization system designed for forensic analysis and incident response activities. The tool captures and stores various types of system activity data including: - Process execution events and details - File access operations and modifications - Network socket endpoint creation and connections - Other operating system-level activities and events POFR organizes collected data in a structured format to facilitate detailed analysis by security professionals and forensic investigators. The system supports incident response workflows by providing comprehensive visibility into system activities that occurred during security events. The tool assists organizations in meeting compliance requirements for standards such as PCI-DSS and HIPAA by maintaining detailed audit trails of system operations. Data collected by POFR can be used for threat detection, forensic investigation, and security monitoring purposes on Linux operating systems.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
Zenduty's platform provides real-time operational health monitoring and incident response orchestration to improve incident response times and build a solid on-call culture.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.