ssm-acquire

Free
A Python module for orchestrating content acquisitions and analysis via Amazon SSM. Features include acquiring memory from a Linux instance to an S3 bucket using SSM, interrogating an instance for top-10 IOCs using OSQuery, analyzing a memory sample on a machine using Docker, and creating a Rekall profile using an instance running the Amazon SSM Agent as a build target. This is a pre-release and is free software under the MPL 2.0 License. For more information, refer to the documentation at https://ssm-acquire.readthedocs.io.

FEATURES

ALTERNATIVES

Remote Acquisition Tool

A next-generation crawling and spidering framework for extracting data from websites.

Windows event log fast forensics timeline generator and threat hunting tool.

Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.

A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.

A Mac OS X computer forensics tool for analyzing system artifacts, user files, and logs with reputation verification and log aggregation capabilities.

A Python script to parse macOS MRU plist files into a human-friendly format.

A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.