ssm-acquire

Free

A Python module for orchestrating content acquisitions and analysis via Amazon SSM. Features include acquiring memory from a Linux instance to an S3 bucket using SSM, interrogating an instance for top-10 IOCs using OSQuery, analyzing a memory sample on a machine using Docker, and creating a Rekall profile using an instance running the Amazon SSM Agent as a build target. This is a pre-release and is free software under the MPL 2.0 License. For more information, refer to the documentation at https://ssm-acquire.readthedocs.io.

ALTERNATIVES

No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.

LiME is a Linux Memory Extractor tool for acquiring volatile memory from Linux and Linux-based devices, including Android, with features like full memory captures and minimal process footprint.

An anti-forensic Linux Kernel Module kill-switch for USB ports.

Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.

GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.

Windows event log fast forensics timeline generator and threat hunting tool.

Web interface for the Volatility Memory Analysis framework with advanced features.

ForensicMiner, Redefine DFIR Automations
