A digital investigation platform for parsing, searching, and visualizing evidence with advanced analytics capabilities.
Acquire, triage, and investigate remote evidence via portable, read-only iSCSI access. The project is based on the work of TalAloni and Fujita, aiming to provide a command-line, open-source tool for forensic acquisition and analysis scenarios.
RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.
NBD is a userland implementation of the Network Block Device protocol, allowing for remote access to block devices over a network.
A library to access the Expert Witness Compression Format (EWF) for digital forensics and incident response.
Create checkpoint snapshots of the state of running pods for later off-line analysis.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.