ForensicMiner
Evidence collector
Automates evidence collection and analysis from Windows machines using PowerShell.
A DFIR automation tool for collecting and analyzing evidence, designed for cybersecurity professionals.
148 stars
6 watching
18 forks
Language: PowerShell
last commit: 6 months ago
Linked from 1 awesome list
Tags: automation, cortex, crowdstrike, cyber, dfir, edr, fast, forensics, ir, mdr, powershell, security, soc, xdr
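To make concrete what "automating evidence collection from Windows machines using PowerShell" involves, here is an added example of a minimal live-response triage collector. It is not ForensicMiner's code and does not reproduce its artifact list; it assumes an elevated PowerShell 5.1 or later session on the target host, and `$OutRoot` (defaulting to `C:\Triage`) is an assumed output location. It collects volatile state first, exports raw event logs rather than only parsed views, and finishes with a SHA-256 manifest so the package can be verified later.

```powershell
# Added example, not ForensicMiner's own code: minimal Windows triage collection.
# Assumes an elevated PowerShell 5.1+ session; $OutRoot is an assumed path.
param(
    [string]$OutRoot = 'C:\Triage'
)

$ErrorActionPreference = 'Continue'
$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$outDir = Join-Path $OutRoot "$env:COMPUTERNAME-$stamp"
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# 1. Volatile state first: processes and network connections change fastest,
#    so capture them before anything that takes longer.
Get-CimInstance Win32_Process |
    Select-Object ProcessId, ParentProcessId, Name, ExecutablePath, CommandLine, CreationDate |
    Export-Csv (Join-Path $outDir 'processes.csv') -NoTypeInformation

Get-NetTCPConnection |
    Select-Object LocalAddress, LocalPort, RemoteAddress, RemotePort, State, OwningProcess |
    Export-Csv (Join-Path $outDir 'tcp_connections.csv') -NoTypeInformation

# 2. Common persistence locations: Run/RunOnce keys and scheduled tasks.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
$runKeys | ForEach-Object {
    $key = $_
    if (Test-Path $key) {
        $props = Get-ItemProperty -Path $key | Select-Object -Property * -ExcludeProperty PS*
        foreach ($p in $props.PSObject.Properties) {
            [pscustomobject]@{ Key = $key; Name = $p.Name; Value = $p.Value }
        }
    }
} | Export-Csv (Join-Path $outDir 'run_keys.csv') -NoTypeInformation

Get-ScheduledTask |
    Select-Object TaskName, TaskPath, State,
        @{ n = 'Actions'; e = { ($_.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -join '; ' } } |
    Export-Csv (Join-Path $outDir 'scheduled_tasks.csv') -NoTypeInformation

# 3. Event logs: export the raw .evtx files (original records survive for later
#    analysis), plus a quick CSV of logon-related events from the last 7 days.
wevtutil epl Security "$outDir\Security.evtx"
wevtutil epl System   "$outDir\System.evtx"
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624, 4625, 4672; StartTime = (Get-Date).AddDays(-7) } `
    -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, @{ n = 'Message'; e = { $_.Message -replace "`r?`n", ' ' } } |
    Export-Csv (Join-Path $outDir 'logons_7d.csv') -NoTypeInformation

# 4. Integrity: hash every collected file into a manifest before archiving, so the
#    package can be verified after transfer. Hashes are computed into a variable
#    first so the manifest itself is not part of the enumeration.
$hashes = Get-ChildItem -Path $outDir -File | Get-FileHash -Algorithm SHA256 | Select-Object Path, Hash
$hashes | Export-Csv (Join-Path $outDir 'manifest_sha256.csv') -NoTypeInformation

Compress-Archive -Path (Join-Path $outDir '*') -DestinationPath "$outDir.zip" -Force
Write-Host "Triage package written to $outDir.zip"
```

Run it as `.\collect.ps1 -OutRoot 'E:\Triage'` (assumed script name) from an elevated prompt. Two caveats apply to any collector of this kind: writing output to the local system disk overwrites unallocated space that might hold deleted evidence, so point `-OutRoot` at removable or network storage where possible; and the collector's own process, connections and file writes will appear in the artifacts, so record the run time and host name (here embedded in the directory name) to distinguish them from suspect activity.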
Related projects:
| Repository | Description | Stars |
|---|---|---|
| invoke-ir/powerforensics | A C#-based framework for analyzing and investigating hard drive forensic data | 1,385 |
| evild3ad/memprocfs-analyzer | Automated forensic analysis tool for Windows memory dumps | 540 |
| anssi-fr/dfir4vsphere | A PowerShell module for collecting logs and forensics data from VMware vSphere environments | 140 |
| google/turbinia | Automates and scales digital forensic processing workflows to handle large amounts of evidence in the cloud | 750 |
| google/cloud-forensics-utils | Tools for collecting and analyzing evidence from cloud platforms during incident response | 464 |
| sekoialab/fastir_collector | A tool for collecting and analyzing Windows system artefacts on live systems | 506 |
| coinbase/dexter | A forensics acquisition framework for secure and extensible digital evidence collection and analysis | 125 |
| darkquasar/azurehunter | A tool to analyze and mine cloud forensic data from Azure and O365 audit logs | 770 |
| hashlookup/hashlookup-forensic-analyser | Analyzes digital evidence by searching for files against a large public hash database and generating reports on findings | 125 |
| swisscom/invoke-forensics | Tools for automating forensic analysis with KAPE and RegRipper | 109 |
| rastrea2r/rastrea2r | A tool for incident responders and security analysts to triage suspect systems, hunt for IOCs, and collect forensic evidence | 238 |
| dissectmalware/officeforensictools | A Python-based collection of tools for gathering forensic information from Office documents | 26 |
| johnlatwc/pypowershellxray | Decodes and analyzes encoded PowerShell scripts to identify potential shellcode and reverse-engineered APIs | 215 |
| google/giftstick | Automated tool for collecting and uploading forensics evidence to the cloud | 139 |
| codeyourweb/fastfinder | Tools for detecting suspicious files and directories on Windows and Linux endpoints | 232 |