Recog
A recognition framework for identifying products, services, operating systems, and hardware by matching fingerprints against network probes.
unix_collector is a shell script for basic forensic collection of various artefacts from UNIX systems. It runs on various Unix systems and attempts to collect artefacts which could be analysed in an attempt to identify potential system compromise. It does a better job when running as root because it can read more files, of course.

Available platforms: Sun Solaris, Linux, IBM AIX, HPUX, MacOS, Debian, Ubuntu, CentOS, Red Hat, Android, probably others as well.

Script Activities:
* Enumerate basic host information such as kernel version, processes, hostname and save details in output directory.
* Enumerate files written to the disk and create basic timeline using 'stat' command.
* Enumerate network information and save details in output directory.
* Enumerate patch and installed software information and save details in output directory.
* Enumerate process list and other process information and save details in output directory.
* Enumerate application lists (plist/apk for iOS/Android) and save them in output directory.
A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container, aiding in digital forensic triage.
A console program for file recovery through data carving.
Highlighter is a FireEye Market app that integrates with FireEye products to provide enhanced cybersecurity capabilities.
dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.
A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.