From f9f0316d19416d6f1311a49b3e13ca3a4613fabe Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Sun, 22 Nov 2015 15:28:06 +0100 Subject: [PATCH] FastIR Collector added --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e8ba068..146d55a 100644 --- a/README.md +++ b/README.md @@ -61,6 +61,7 @@ A curated list of tools and resources for security incident response, aimed to h ### Data Collection * [FECT](https://github.com/jipegit/FECT) - Fast Evidence Collector Toolkit (FECT) is a light incident response toolkit to collect evidences on a suspicious Windows computer. Basically it is intended to be used by non-tech savvy people working with a journeyman Incident Handler. * [PSRecon](https://github.com/gfoss/PSRecon/) - PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally. +* [FastIR Collector](https://github.com/SekoiaLab/Fastir_Collector) - FastIR Collector is a tool that collects different artefacts on live Windows systems and records the results in csv files. With the analyses of these artefacts, an early compromise can be detected. ### Other Tools * [Hindsight](https://github.com/obsidianforensics/hindsight) - Internet history forensics for Google Chrome/Chromium