Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
1bb65be90903eee45e15d24af2b6c0dd010d78e1b445c853660193498c6eb8f8
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
5d1cc57b1cde53ab593b0b89c3617da3df857eb179522dce6f782dd71400eac5
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
67612cefb5ed1c2a8bd34eb1e694adb0deab7abb0041128461794289f0d55190
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
8ea6f97365251b45ba9c6309e8b51366f74ef9536f1dad257d2ef65b930d88fa
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. The GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, the GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading a file, listing a directory, etc. The GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides a web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.
cebdc54c08fbf73c1dc36e7ad084e8d5637c9e8d3bc4821717eb8182601860b2
PoShFoTo is the PowerShell Forensics Toolkit, which contains a dozen PowerShell tools that allow you to do basic incident response and malware forensics. It includes Hex Dumper, Registry timeline generator, File timeline generator, and PE-block analyzer.
2516e4a082ce0e53db6d6ba8ddfba777505de06d31bfefcccdabcff2c0057a2b
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
08cc8bbae705e5ea3643d876e93b0dd14dd593595de0ae6ecf6a1089a056af25
This tool enables a forensic investigator to map connections to originating processes on Android. It does not require root privileges but requires adb and USB debugging. It is meant to assist in detection of malicious APKs.
eedc44e09534f1c71557e98530d738af8b8bd453581549b3ddb72e95a6d93ed0
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
e29a9ddd3c50a61497594dbfeb1263ace0bbd21f51b26e136d50480e96a396d4
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
81bb75ca79ffbb80d1cd1cbf1eb4137bd99bcdef18081279196a64b53a6b67f0
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
3e44a05f0eedbc975caae05e97abba4180b1ee68cd57e805f9a6f4b5ee24874d
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
ae57c8a21c2d227c1da015994adc64253f0e248b89f387015b92bfbd5c8afc05
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
5afbe6c5e0bd259d772e5a5cbb4b8ccce42387b7797d12701a68c272424f3faa
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
3a8266ae401d355298c31567df9ddb852a88a6a4a046df54bb7ff50e1cacccaf
ChromeFreak is a Python script that lets you look at history, downloads, bookmarks, and cookies for a given Chrome client.
04ef8fca4c69d704bdadc41914416652c14a94a72450dca294bcd9fe0180976d
This tool can be used to enumerate Skype user profiles, contacts, messages, and calls from the main.db file. It is an automated, easy-to-use application for forensic spelunking of Skype data.
c5eb5f2d1fcead4e96207e4b85959a611b231d00883e83e72cbcb504f8e2d96d
This is a statically compiled version of Busybox that contains multiple built-in utilities including the ash shell. It was created with forensics use cases in mind.
ad78938a532173ac62ba2999a6361d901885ce4ddbd6a37f3f768f2cc722abb0
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
3e0854ca7338efe0a0688525ac09c015a0cf8cc16db0840fa5c65351038594ac
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
bb3db24ceb168a4ff7687bd7d877b71a411226d83905158d3b5d10be38c9b052
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
ffe982babe45ec9f674c2df0bd0a79f87feded95e42a590feafaba4dbd11c5e7
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
3abe6e1063e80a66c609e4a0d369660588bfdefb8c8fff994d8199dab739ca5e
FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
3bd4a66c685e365d0dc4f74edaf220808530d75e78fa0246c7727d5597e95af2
F0xChas3r is a forensic tool for extracting and viewing internet artifacts from Mozilla Firefox. The internet artifacts include bookmark, auto-complete, download, cookie, DomStorage, history, extension and cache records. All output is saved to a CSV file with UTC time.
4fa6d2540816014047006fa13458ba935ad5850ee82f723dfaee600cd085fe5a
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
96572d815cb2a391c7c15a03fc0240366cd4997c4e93649fa5658abd9bbe344c
Dumpzilla extracts all forensically interesting information from Firefox, Iceweasel and Seamonkey browsers. Written in Python.
65a9d9d995e274d497b0bd3c11c2720735a0a5e970ce551bfa3eff7cec43ee9c