ssm-acquire

Free

A Python module for orchestrating content acquisitions and analysis via Amazon SSM. Features include acquiring memory from a Linux instance to an S3 bucket using SSM, interrogating an instance for top-10 IOCs using OSQuery, analyzing a memory sample on a machine using Docker, and creating a Rekall profile using an instance running the Amazon SSM Agent as a build target. This is a pre-release and is free software under the MPL 2.0 License. For more information, refer to the documentation at https://ssm-acquire.readthedocs.io.

ALTERNATIVES

Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.

A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.

A tool for fixing acquired .evt Windows Event Log files in digital forensics.

A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.

A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.

A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.

GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.

Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.

CyberSecTools

Copyright © 2024 - All rights reserved