Plaso
Plaso Langar Að Safna Öllu, or super timeline all the things, is a Python-based engine used by several tools for automatic creation of timelines. These timelines support digital forensic investigators/analysts, to correlate the large amount of information found in logs and other files found on an average computer. The initial purpose of Plaso was to collect all timestamped events of interest on a computer system and have them aggregated in a single place for computer forensic analysis (aka Super Timeline). However Plaso has become a framework that supports: adding new parsers or parsing plug-ins; adding new analysis plug-ins; writing one-off scripts to automate repetitive tasks in computer forensic analysis or equivalent. And is moving to support: adding new general purpose parses/plugins that may not have timestamps associated to them; adding more analysis context; tagging events; allowing more targeted approach to the collection/parsing.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Toolkit for performing acquisitions on iOS devices with logical and filesystem acquisition support.
Create checkpoint snapshots of the state of running pods for later off-line analysis.
A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.
A reverse engineering framework with a focus on usability and code cleanliness
Web interface for the Volatility Memory Forensics Framework
Open Source computer forensics platform with modular design for easy automation and scripting.
Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
Windows event log fast forensics timeline generator and threat hunting tool.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.