Merge pull request #45 from hslatman/hs_fastir_linux

FastIR for Linux + Linux Evidence Collection category
This commit is contained in:
Meir Wahnon 2016-01-27 16:10:40 +02:00
commit 3350d01835


@ -13,6 +13,7 @@ A curated list of tools and resources for security incident response, aimed to h
- [Evidence Collection](#evidence-collection) - [Evidence Collection](#evidence-collection)
- [Windows Evidence Collection](#windows-evidence-collection) - [Windows Evidence Collection](#windows-evidence-collection)
- [OSX Evidence Collection](#osx-evidence-collection) - [OSX Evidence Collection](#osx-evidence-collection)
- [Linux Evidence Collection](#linux-evidence-collection)
- [Sandboxing/reversing tools](#sandboxingreversing-tools) - [Sandboxing/reversing tools](#sandboxingreversing-tools)
- [Linux Distributions](#linux-distributions) - [Linux Distributions](#linux-distributions)
- [Other tools](#other-tools) - [Other tools](#other-tools)
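Review bot: the new anchor `#linux-evidence-collection` matches the slug GitHub generates for the `### Linux Evidence Collection` heading this PR adds, and placing it after OSX keeps the table of contents in the same order as the sections themselves; nothing to change in this hunk.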
@ -49,7 +50,7 @@ A curated list of tools and resources for security incident response, aimed to h
### Timeline tools ### Timeline tools
* [Plaso](https://github.com/log2timeline/plaso) - a Python-based backend engine for the tool log2timeline * [Plaso](https://github.com/log2timeline/plaso) - a Python-based backend engine for the tool log2timeline
* [Timesketch](https://github.com/google/timesketch) -open source tool for collaborative forensic timeline analysis * [Timesketch](https://github.com/google/timesketch) - open source tool for collaborative forensic timeline analysis
* [Highlighter](https://www.fireeye.com/services/freeware/highlighter.html) - Free Tool available from Fire/Mandiant that will depict log/text file that can highlight areas on the graphic, that corresponded to a key word or phrase. Good for time lining an infection and what was done post compromise * [Highlighter](https://www.fireeye.com/services/freeware/highlighter.html) - Free Tool available from Fire/Mandiant that will depict log/text file that can highlight areas on the graphic, that corresponded to a key word or phrase. Good for time lining an infection and what was done post compromise
### All in one Tools ### All in one Tools
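Review bot: the Timesketch whitespace fix ("-open source" to "- open source") is unrelated to the PR's stated purpose and would normally go in its own commit; since this hunk already touches the timeline list, the Highlighter entry right below it could be cleaned up in the same pass, as "Fire/Mandiant" reads like a truncated vendor name and "will depict log/text file that can highlight areas on the graphic, that corresponded to a key word or phrase" is ungrammatical.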
@ -93,6 +94,10 @@ A curated list of tools and resources for security incident response, aimed to h
* [OSX Auditor](https://github.com/jipegit/OSXAuditor) - OSX Auditor is a free Mac OS X computer forensics tool * [OSX Auditor](https://github.com/jipegit/OSXAuditor) - OSX Auditor is a free Mac OS X computer forensics tool
* [OSX Collector](https://github.com/yelp/osxcollector) - An OSX Auditor offshoot for live response * [OSX Collector](https://github.com/yelp/osxcollector) - An OSX Auditor offshoot for live response
### Linux Evidence Collection
* [FastIR Collector Linux](https://github.com/SekoiaLab/Fastir_Collector_Linux) - FastIR for Linux collects different artefacts on live Linux and records the results in csv files.
### Sandboxing/reversing tools ### Sandboxing/reversing tools
* [Cuckoo](https://github.com/cuckoobox) - Open Source Highly configurable sandboxing tool * [Cuckoo](https://github.com/cuckoobox) - Open Source Highly configurable sandboxing tool
* [Cuckoo-modified](https://github.com/spender-sandbox/cuckoo-modified) - Heavily modified Cuckoo fork developed by community * [Cuckoo-modified](https://github.com/spender-sandbox/cuckoo-modified) - Heavily modified Cuckoo fork developed by community
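Review bot: the description of the new FastIR Collector Linux entry is vaguer than its neighbours ("collects different artefacts"), while entries elsewhere in this file state what a tool is for in one concrete phrase (e.g. "An OSX Auditor offshoot for live response"); suggest wording along the lines of "- a live-response collector that gathers artefacts from a running Linux host and writes them to CSV files", which also makes clear that it runs on the host under investigation, and "csv" should be written "CSV" to match "OSX" and "Mac OS X" in the adjacent entries.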