Faster & Better Way to analyze the EML Files
Updated Apr 4, 2023 - Python
Manage loki scans over a large network.
This script will collect a large part of the information that is usually obtained from a Linux system during an expert examination or forensic analysis. In addition, all of the information will be signed with SHA256.
Scripts automating computer forensics for Windows and Linux
Toolset to analyze disks encrypted with McAfee FDE technology
This script is designed to pull data from the Carbon Black Cloud. One disadvantage of the CBC GUI is the inability to see the command line for each process in bulk. Instead, you need to click on each process individually. This spits out the command line so you can quickly spot evil.
Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids
CLI generator for Velociraptor offline collector
AutoParser is a forensic tool for parsing offline registry hives.
Confirm file type by matching the magic signature ("number").
🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS through playbook automation and seamless integrations. Easily extensible and in active development. Join us in building a tool geared towards enhancing security efficiency!
Mac PenTesting & Digital Forensics Collection
Create a timeline of files in a folder.
Binalyze AIR and Carbon Black Cloud Integration
Resources for DFIR. And more.
Splits a URL into individual components, unescapes arguments, and performs light calculations for manual or automated analysis
CrowdStrike API Client Library
Small Incident Response PowerShell script that collects various data from the system. Good alternative to run on a system while waiting for an approved AV scan (or instead of a scan)