Nomoreransom
No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.
A python module for orchestrating content acquisitions and analysis via Amazon SSM. Features include acquiring memory from a Linux instance to an S3 bucket using SSM, interrogating an instance for top-10 IOCs using OSQuery, analyzing a memory sample on a machine using Docker, and creating a rekall profile using an instance as a build target running the Amazon SSM Agent. This is a pre-release and is free software under the MPL 2.0 License. For more information, refer to the documentation at https://ssm-acquire.readthedocs.io.
No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.
GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.
iOS Mobile Backup Xtractor tool for extracting iOS backups.