Sites get hacked; it’s not pleasant, but it happens. A critical part of it, especially in my experience, has been the web application log forensics applied directly after an attack. You can us
Category: Forensics
CapTipper is a Python tool for exploring malicious HTTP traffic; it can also help analyse and revive captured sessions from PCAP files. It sets up a web server that acts exactly as the server in the P
GRR Rapid Response is an incident response framework focused on remote live forensics. It is based on a client-server architecture, so there’s an agent which is installed on target systems and a P
FastIR Collector is a Windows incident response tool that offers the possibility to extract classic artefacts such as memory dumps, auto-started software, MFT, MBR, scheduled tasks, services and recor