A basic shell pipeline for extracting forensic artifacts from disk images. Relevant artifacts will be processed and provided in ECS format for ingestion with Logstash.
Updated Jun 14, 2024 - Go
Recursively scans a path to match given SHA-1 checksums.
Go library to allow native inline hooking in Windows at runtime
Live system forensic collector
FileTrove indexes files and creates metadata from them.
Digging Deeper....