R-CSIRT Linux Triage tool
Linux Server Triage tool for CSIRT. Collects not only 'log files' but also 'config files' and 'web server script files'. Finds suspicious scripts and binaries on the web server. Includes: Backup function of Web...
Microsoft Research Open Data
A collection of free datasets from Microsoft Research to advance state-of-the-art research in areas such as natural language processing, computer vision, and domain specific sciences. Download or copy...
memtriage
Allows you to quickly query a live Windows machine for RAM artifacts. This tool utilizes the Winpmem drivers to access physical memory, and Volatility for analysis. Caveats: Doesn't work with Device...
CellHawk
CALL MAPPING: View graphical representations of individual calls on a map. CALL ANIMATION: Use CellHawk’s unique “VCR” capability to animate calls as they occur over time. When a call occurs it will be...
TraceWrangler - Packet Capture Toolkit
TraceWrangler is a network capture file toolkit running on Windows (or on Linux, using WINE) that supports PCAP as well as the new PCAPng file format, which is now the standard file format used by...
CellHawk - Call Detail Record Mapping and Analysis Software
CellHawk is law enforcement’s and Digital Forensic Examiner’s No. 1 choice when it comes to mapping and analyzing cell phone Call Detail Records and Tower Dumps. Used by over 300+ agencies and over...
Guasap - WhatsApp Forensic Tool
Guasap Forensic is implemented in Python under the GNU General Public License, for the extraction and analysis of files, databases and logs for WhatsApp forensics. What does it do? Check root in device...
Bitwar Data Recovery Software
Bitwar Data Recovery Software is fully compatible with Windows 10/8/7/Vista/XP. The software specializes in recovering docs, photos, videos, music and archives. It offers an easy 3-step mode to recover lost or...
Netflix-Skunkworks/diffy
Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response....
California Cyber Innovation Challenge
The CCI is excited to announce the launch of the 2018 California Cyber Innovation Challenge (CCIC)! The CCIC is a statewide high school cybersecurity competition designed to introduce more students to...
RED (Formerly High School Forensics Challenge)
HSF is now RED. Formerly the High School Forensics Challenge, this competition has been redesigned as a two-part red team investigation for high school students. The online Qualification Round will...
National Collegiate Cyber Defense Competition
On February 27 and 28, 2004, a group of educators, students, government and industry representatives gathered in San Antonio, Texas, to discuss the feasibility and desirability of establishing regular...
DFRWS Forensic Challenge
Internet of Things Forensic Challenge: This DFRWS Forensic Challenge aspires to motivate new approaches to forensic analysis and has four levels of participation. Evaluating and Expressing Conclusions:...
RedBlack C3X: Canadian Collegiate Cyber Exercise
The Canadian Collegiate Cyber Exercise (C3X) is designed to develop, broaden and enhance the skills base of the next generation of Cyber Security and ICT professionals. The concept in brief: The...
grayfold3d/POSH-Triage
Tools for parsing forensic images. PowerShell script that automates the use of Eric Zimmerman's command-line tools (https://ericzimmerman.github.io/) against a mounted forensic image. The following tools...
Amped Authenticate
Amped Authenticate is a software package for forensic image authentication and tamper detection on digital photos. Authenticate provides a suite of different tools to determine whether an image is an...
MatthewClarkMay/fTriage
My attempt at automating forensic data acquisition, reduction, and overall triage. Scripts I threw together for quickly gathering forensic artifacts from suspect memory/disk image(s), carving, etc....
ciphertechsolutions/IO
Simple Imaging. Tactical Triage. Zero Clicks. About IO: Imaging for Operations (IO) is a zero-click forensic imaging tool designed for use in high-stress environments. IO automatically enables a...
Perturbed Quantization
On this page, you can download a MATLAB implementation of the Perturbed Quantization (PQ) steganography. It includes both original PQ [1] and its modified versions PQt and PQe as described in [2]....
findaes
Searches for AES keys by searching for their key schedules. Able to find 128, 192, and 256 bit keys, such as those used by TrueCrypt and BitLocker. Originally intended for memory images, can use...