usbrip
usbrip is a forensics tool with a command line interface for tracking USB device artifacts on Linux machines. It analyzes Linux log data and can build USB event history tables with details like connected/disconnected date & time, vendor ID, product ID, manufacturer, serial number, and port. It can export data as JSON, generate a list of authorized USB devices, and search for violation events.
FEATURES
ALTERNATIVES
An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
Visually inspect regex matches in binary data/text with YARA and regular expressions, displaying matched bytes and surrounding context.
A community-sourced repository of digital forensic artifacts in YAML format.
iOSForensic is a Python tool for forensic analysis on iOS devices, extracting files, logs, SQLite3 databases, and .plist files into XML.
A tool with advanced filtering capabilities for analyzing events based on time, path, weekday, and date.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.