unix_collector is a shell script for basic forensic collection of various artefacts from UNIX systems. It runs on various Unix systems and attempts to collect artefacts which could be analysed in an attempt to identify potential system compromise. It does a better job when running as root, because it can read more files.

Available platforms: Sun Solaris, Linux, IBM AIX, HPUX, MacOS, Debian, Ubuntu, CentOS, Red Hat, Android, and probably others as well.

Script Activities:
* Enumerate basic host information such as kernel version, processes and hostname, and save details in the output directory.
* Enumerate files written to the disk and create a basic timeline using the 'stat' command.
* Enumerate network information and save details in the output directory.
* Enumerate patch and installed software information and save details in the output directory.
* Enumerate the process list and other process information and save details in the output directory.
* Enumerate application lists (plist/apk for iOS/Android) and save them in the output directory.
ALTERNATIVES
A script to assist in creating templates for VirtualBox to enhance VM detection evasion.
A collection of Mac OS X and iOS forensics resources with a focus on artifact collection and collaboration.
Forensic imaging program with full hash authentication and various acquisition options.
Python forensic tool for extracting and analyzing information from Firefox, Iceweasel, and Seamonkey browsers.
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
A user-friendly and fast Forensic Analysis tool with features like tagging files and generating preview reports.
A forensic tool to find hidden processes and TCP/UDP ports by rootkits or other hidden techniques.
No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.