diffy

Host analyzer

An incident response tool that helps digital forensics teams analyze and prioritize suspicious hosts in cloud environments

no_entry (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

GitHub

635 stars
144 watching
59 forks
Language: Python
last commit: 11 months ago
Linked from 2 awesome lists

dfirforensicssecurity

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
fox-it/dissect A digital forensics framework that provides tools and parsers to analyze forensic artefacts from various disk and file formats. 924
hackvertor/diffy A Java application that displays differences between two responses using color-coded formatting. 0
diogo-fernan/ir-rescue A tool for comprehensively collecting host forensic data during incident response and analysis. 465
dhoelzer/showmethepackets Tools and resources for network monitoring and analysis used in the SANS SEC503 course 209
codeyourweb/fastfinder Tools for detecting suspicious files and directories on Windows and Linux endpoints. 232
idiom/pftriage Tool to analyze files during malware analysis and triage by extracting properties and detecting malicious indicators. 77
dynetics/malfunction Tools for analyzing and comparing malware at a function level using fuzzy hashing algorithms 191
ydkhatri/mac_apt A digital forensics tool for analyzing macOS and iOS systems 783
dissectmalware/officeforensictools A Python-based collection of tools for gathering forensic information from Office documents 26
detuxsandbox/detux Analyzes and captures malware traffic on Linux sandboxed environments using QEMU hypervisor and various CPU architectures. 260
dfirkuiper/kuiper An investigation platform for parsing and analyzing digital evidence, streamlining workflows and improving collaboration. 769
uqcyber/coldpress Automates malware analysis workflow by extracting features and indicators of compromise from malicious files using various tools and libraries. 16
fox-it/dissect.target Provides a programming API and command line tools to access various data sources inside disk images or file collections. 44
fox-it/dissect.xfs A parser for the XFS file system used by RedHat Linux distributions. 2
securityjoes/forensicminer Automates evidence collection and analysis from Windows machines using PowerShell. 148