forensic-tool

Here are 4 public repositories matching this topic...

Log forensic artifacts as JSON in ECS format. Part of the Forensic Artifacts Collecting Toolkit.

go pipeline ecs dfir artifacts fact forensic flog forensic-tools forensic-tool

Mount various disk images for forensic read-only processing. Part of the Forensic Artifacts Collecting Toolkit.

go pipeline dfir mount fact forensic umount forensic-tools forensic-tool fmount

Find forensic artifacts in mount points or the live system. Part of the Forensic Artifacts Collecting Toolkit.

go windows pipeline dfir artifacts fact forensic forensic-tools forensic-tool ffind

Extract the BootKey from an offline system hive.

go windows registry extract forensics-tools forensic-tool bootkey

Add a description, image, and links to the forensic-tool topic page so that developers can more easily learn about it.

To associate your repository with the forensic-tool topic, visit your repo's landing page and select "manage topics."