Softrace is a Golang application designed for storing and querying the NIST National Software Reference Library Reference Data Set (NSRL RDS). The tool utilizes Bolt database technology to provide fast and lightweight hash lookup capabilities. The application supports MD5 and SHA1 hash searches against the NSRL database, which contains reference data for known software files. This functionality enables forensic investigators and security professionals to identify known good files during digital investigations. To use Softrace, users must first download the Modern RDS Minimal archive from the NIST Current RDS Hash Sets page and extract the required files (NSRLFile.txt, NSRLMfg.txt, NSRLOS.txt, NSRLProd.txt) into the specified directory structure. The tool includes Docker support for building the database creation environment. The application's compact design and efficient database structure make it suitable for environments where storage space and query performance are important considerations for hash-based file identification tasks.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A library for accessing and parsing Windows NT Registry File (REGF) format files, designed for digital forensics and registry analysis applications.
A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
Zenduty's platform provides real-time operational health monitoring and incident response orchestration to improve incident response times and build a solid on-call culture.
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.