Added kube-forensics

2025-04-15 04:53:06 -04:00 · 2022-02-25 09:55:49 +02:00 · 2022-02-25 09:55:49 +02:00 · 242c38bdef
commit 242c38bdef
parent b46c86d8bb
1 changed files with 1 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -103,6 +103,7 @@ Digital Forensics and Incident Response (DFIR) teams are groups of people in an
 * [CyLR](https://github.com/orlikoski/CyLR) - The CyLR tool collects forensic artifacts from hosts with NTFS file systems quickly, securely and minimizes impact to the host.
 * [Forensic Artifacts](https://github.com/ForensicArtifacts/artifacts) - Digital Forensics Artifact Repository
 * [ir-rescue](https://github.com/diogo-fernan/ir-rescue) - Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
+* [kube-forensics](https://github.com/keikoproj/kube-forensics) - Kubernetes IR tool that allows an admin to dump the current state of a running pod and all its containers for off-line forensic analysis.
 * [Live Response Collection](https://www.brimorlabs.com/tools/) - Automated tool that collects volatile data from Windows, OSX, and \*nix based operating systems.
 * [Margarita Shotgun](https://github.com/ThreatResponse/margaritashotgun) - Command line utility (that works with or without Amazon EC2 instances) to parallelize remote memory acquisition.
 * [UAC](https://github.com/tclahr/uac) - UAC (Unix-like Artifacts Collector) is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts. Supported systems: AIX, FreeBSD, Linux, macOS, NetBSD, Netscaler, OpenBSD and Solaris.