
ssm-acquire

Free

A Python module for orchestrating content acquisitions and analysis via Amazon SSM. Features include acquiring memory from a Linux instance to an S3 bucket using SSM, interrogating an instance for top-10 IOCs using OSQuery, analyzing a memory sample on a machine using Docker, and creating a Rekall profile using an instance running the Amazon SSM Agent as a build target. This is a pre-release and is free software under the MPL 2.0 License. For more information, refer to the documentation at https://ssm-acquire.readthedocs.io.

ALTERNATIVES

An anti-forensic Linux Kernel Module kill-switch for USB ports.

Forensic imaging program with full hash authentication and various acquisition options.

A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.

Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.

A command-line tool for searching and extracting strings from files with various options like ASCII and Unicode string search.

DFIR ORC Documentation provides detailed instructions for setting up the build environment and deploying the tool.

A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.

Universal hexadecimal editor for computer forensics, data recovery, and IT security.