A faster and better way to analyze EML files
Manage loki scans over a large network.
This script collects most of the information that is usually gathered from a Linux system during an expert examination or forensic analysis. In addition, every collected artifact is hashed with SHA256 so its integrity can be verified later.
Toolset to analyze disks encrypted with McAfee FDE technology
This script is designed to pull data from the Carbon Black Cloud. One disadvantage of the CBC GUI is that you cannot see the command line of every process in bulk; you have to click on each process individually. This script prints the command line for each process so you can quickly spot evil.
Scripts automating computer forensics for Windows and Linux
Confirm a file's type by matching its magic signature (the "magic number") instead of trusting the extension.
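As an added example of the magic-number check described above (written for this page, not code from the repository listed), the following Python identifies a file's real type from its leading bytes and flags files whose extension disagrees with the content. The signature table is a well-known subset and the extension-to-type map is an assumption; both are easy to extend. The constructed `SAMPLES` stand in for real files.

```python
"""Identify a file's real type from its leading bytes (the "magic number") and
flag files whose extension disagrees.  Added example for this page; the
signature table is a small well-known subset, the extension map an assumption."""
import os
from typing import Dict, List, Optional, Tuple

# (magic bytes, byte offset where they appear, type label)
MAGIC_SIGNATURES: List[Tuple[bytes, int, str]] = [
    (b"\x89PNG\r\n\x1a\n", 0, "png"),
    (b"\xff\xd8\xff", 0, "jpeg"),
    (b"GIF87a", 0, "gif"),
    (b"GIF89a", 0, "gif"),
    (b"%PDF-", 0, "pdf"),
    (b"PK\x03\x04", 0, "zip"),             # also docx/xlsx/pptx/jar/apk containers
    (b"PK\x05\x06", 0, "zip"),             # empty archive
    (b"\x1f\x8b", 0, "gzip"),
    (b"7z\xbc\xaf\x27\x1c", 0, "7z"),
    (b"Rar!\x1a\x07\x00", 0, "rar"),       # RAR 1.5 - 4.x
    (b"Rar!\x1a\x07\x01\x00", 0, "rar"),   # RAR 5
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", 0, "ole2"),  # legacy doc/xls/msi
    (b"MZ", 0, "pe"),
    (b"\x7fELF", 0, "elf"),
    (b"#!", 0, "script"),
    (b"ustar", 257, "tar"),                # POSIX tar keeps its magic inside the header
]

# Extensions and the container types they legitimately map onto (assumption).
EXPECTED_TYPES: Dict[str, set] = {
    ".png": {"png"}, ".jpg": {"jpeg"}, ".jpeg": {"jpeg"}, ".gif": {"gif"},
    ".pdf": {"pdf"},
    ".zip": {"zip"}, ".docx": {"zip"}, ".xlsx": {"zip"}, ".pptx": {"zip"},
    ".jar": {"zip"}, ".apk": {"zip"},
    ".gz": {"gzip"}, ".7z": {"7z"}, ".rar": {"rar"}, ".tar": {"tar"},
    ".doc": {"ole2"}, ".xls": {"ole2"}, ".msi": {"ole2"},
    ".exe": {"pe"}, ".dll": {"pe"}, ".sys": {"pe"}, ".scr": {"pe"},
    ".so": {"elf"}, ".elf": {"elf"}, ".sh": {"script"},
}

HEADER_BYTES = 512  # enough to cover every offset used in the table


def identify(data: bytes) -> Optional[str]:
    """Return the type label of the first matching signature, or None.
    Longest signatures are tried first so a specific match beats a short prefix."""
    for magic, offset, label in sorted(MAGIC_SIGNATURES, key=lambda s: -len(s[0])):
        if data[offset:offset + len(magic)] == magic:
            return label
    return None


def check_extension(name: str, data: bytes) -> Tuple[Optional[str], str]:
    """Compare the detected type with what the file name claims.
    Verdicts: match, MISMATCH, unknown (no signature), unlisted-extension."""
    detected = identify(data)
    expected = EXPECTED_TYPES.get(os.path.splitext(name)[1].lower())
    if detected is None:
        verdict = "unknown"
    elif expected is None:
        verdict = "unlisted-extension"
    elif detected in expected:
        verdict = "match"
    else:
        verdict = "MISMATCH"
    return detected, verdict


def scan_file(path: str) -> Tuple[Optional[str], str]:
    """Read only the header of a real file and check it against its extension."""
    with open(path, "rb") as fh:
        return check_extension(path, fh.read(HEADER_BYTES))


# Constructed sample headers standing in for files on disk.
SAMPLES: Dict[str, bytes] = {
    "invoice.pdf": b"MZ\x90\x00\x03\x00\x00\x00",        # PE executable named as a PDF
    "report.docx": b"PK\x03\x04\x14\x00\x06\x00",
    "photo.png": b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR",
    "backup.tar": b"\x00" * 257 + b"ustar\x0000",
    "notes.txt": b"just some text",
}

if __name__ == "__main__":
    for fname, head in SAMPLES.items():
        kind, verdict = check_extension(fname, head)
        print(f"{fname:14} detected={kind!s:8} {verdict}")
```

Run against a directory with `scan_file(path)` per file and triage the `MISMATCH` rows first: an executable delivered under a document extension is the classic case this check exists to catch.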
🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS through playbook automation and seamless integrations. Easily extensible and in active development. Join us in building a tool geared towards enhancing security efficiency!
Modified Cortex-Analyzers: SecTeam/CERT/SOC security orchestration tools on steroids
CLI generator for Velociraptor offline collector
AutoParser is a forensic tool for parsing offline registry hives.
Binalyze AIR and Carbon Black Cloud Integration
Mac PenTesting & Digital Forensics Collection
Create a timeline of files in a folder.
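As an added example of the folder timeline described above (written for this page, not the listed project's code), the following Python walks a folder, records each file's modification, access and change timestamps together with its size and SHA256, then explodes them into one sorted row per event so a burst of activity (drop, execute, clean-up) reads top to bottom. The CSV column layout is an assumption.

```python
"""Build a chronological timeline of the files under a folder from their
M/A/C timestamps, with size and SHA256 per file.  Added example for this
page; the CSV layout is an assumption, not a tool's native format."""
import csv
import hashlib
import os
import stat
import sys
from datetime import datetime, timezone
from typing import Dict, List, TextIO

FIELDS = ["timestamp", "event", "path", "size", "sha256"]


def sha256_of(path: str) -> str:
    """Hash in chunks so large evidence files never load fully into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def iso_utc(ts: float) -> str:
    """Epoch seconds to ISO 8601 in UTC; local time would hide DST and zone skew."""
    return datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def collect(root: str, hash_files: bool = True) -> List[Dict]:
    """One record per directory entry.  lstat() records symlinks as themselves
    instead of following them outside the evidence folder; only regular files
    are hashed."""
    records: List[Dict] = []
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # vanished or unreadable entry: skip, keep going
            regular = stat.S_ISREG(st.st_mode)
            records.append({
                "path": path,
                "size": st.st_size,
                "mtime": st.st_mtime,  # content last modified
                "atime": st.st_atime,  # last access (often stale under noatime/relatime)
                "ctime": st.st_ctime,  # Linux/macOS: inode change; Windows: creation time
                "sha256": sha256_of(path) if (hash_files and regular) else "",
            })
    return records


def timeline(records: List[Dict]) -> List[Dict]:
    """Explode each record into one row per timestamp and sort chronologically.
    Sorting uses the raw float so sub-second ordering survives formatting."""
    rows: List[Dict] = []
    for rec in records:
        for kind in ("mtime", "atime", "ctime"):
            rows.append({
                "ts": rec[kind],
                "timestamp": iso_utc(rec[kind]),
                "event": kind,
                "path": rec["path"],
                "size": rec["size"],
                "sha256": rec["sha256"],
            })
    rows.sort(key=lambda r: (r["ts"], r["path"], r["event"]))
    return rows


def write_csv(rows: List[Dict], out: TextIO) -> None:
    writer = csv.DictWriter(out, fieldnames=FIELDS, extrasaction="ignore")
    writer.writeheader()
    writer.writerows(rows)


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    write_csv(timeline(collect(target)), sys.stdout)
```

Usage: `python timeline.py /mnt/evidence/home/user > timeline.csv`. Hash before anything else touches the tree, and note that merely reading files can update `atime` on a mounted volume; work from a read-only mount or an image when the access times matter.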
Resources for DFIR. And more.
Splits a URL into its individual components, unescapes the arguments, and performs light calculations for manual or automated analysis.
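As an added example of the URL decomposition described above (written for this page, not the listed project's code), the following Python splits a URL into scheme, host, port, path and query parameters, percent-decodes the arguments until they stop changing, and raises a few analyst-oriented flags: userinfo before the host (a lookalike trick), an IP-literal host, a non-standard port, and parameters that were encoded more than once. The flag names and the sample URL are constructed for the example.

```python
"""Decompose a URL for analysis: components, fully unescaped parameters and a
few red flags.  Added example for this page; flag names are an assumption."""
import ipaddress
from typing import Dict, List, Tuple
from urllib.parse import parse_qsl, unquote, urlsplit


def unescape_fully(value: str, max_rounds: int = 5) -> Tuple[str, int]:
    """Percent-decode until the value stops changing.
    Returns (decoded, rounds); rounds > 0 means the input was still encoded."""
    rounds = 0
    while rounds < max_rounds:
        decoded = unquote(value)
        if decoded == value:
            break
        value, rounds = decoded, rounds + 1
    return value, rounds


def analyze_url(url: str) -> Dict:
    parts = urlsplit(url)
    host = parts.hostname or ""  # lower-cased, brackets stripped from IPv6 literals

    # parse_qsl already decodes one layer; extra rounds reveal double encoding.
    params: List[Dict] = []
    for key, raw in parse_qsl(parts.query, keep_blank_values=True):
        value, extra = unescape_fully(raw)
        params.append({"name": unescape_fully(key)[0], "value": value,
                       "extra_decode_rounds": extra})

    flags: List[str] = []
    if parts.username is not None:
        flags.append("userinfo-in-url")         # http://bank.example@evil.tld/
    try:
        ipaddress.ip_address(host)
        flags.append("ip-literal-host")
    except ValueError:
        pass
    if parts.port is not None and parts.port not in (80, 443):
        flags.append("nonstandard-port")
    if any(p["extra_decode_rounds"] > 0 for p in params):
        flags.append("double-encoded-parameter")

    return {
        "scheme": parts.scheme,
        "host": host,
        "port": parts.port,
        "path": unquote(parts.path),
        "params": params,
        "fragment": parts.fragment,
        "flags": flags,
    }


if __name__ == "__main__":
    # Constructed sample carrying every flag at once.
    sample = "http://bank.example@203.0.113.5:8080/login%20page?next=%252Fadmin&id=7#top"
    report = analyze_url(sample)
    for key, val in report.items():
        print(f"{key:9} {val}")
```

The double-encoding flag matters because WAFs and URL normalizers typically decode once; a payload that only becomes `/admin` or `<script>` after the second decode is a common evasion.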
CrowdStrike API Client Library
Ingest and query NIST NSRL Reference Data Sets in Elasticsearch with Python tools and libraries.