CSIRT-Collect – PowerShell Script To Collect Memory And (Triage) Disk Forensics

A PowerShell script to collect memory and (triage) disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload the acquired evidence to the same share post-collection. Permission requirements for said directory will be dependent on the nuances of the environmentRead More

IRTriage – Incident Response Triage – Windows Evidence Collection For Forensic Analysis

Scripted collection of system information valuable to a Forensic Analyst. IRTriage will automatically “Run As ADMINISTRATOR” in all Windows versions except WinXP. The original source was Triage-ir v0.851 an Autoit script written by Michael Ahrendt. Unfortunately Michael’s last changes were posted on 9th November 2012 I let Michael know that I have forked his project:Read More

OSV – Open Source Vulnerability DB And Triage Service

OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source maintainers and consumers of open source. For open source maintainers, OSV’s automation helps reduce the burden of triage. Each vulnerability undergoes automated bisection and impact analysis to determine precise affected commit and version ranges. For open sourceRead More

SitRep – Extensible, Configurable Host Triage

[*] SitRep is intended to provide a lightweight, extensible host triage alternative. Checks are loaded dynamically at runtime from stand-alone files. This allows operators to quickly modify existing checks, or add new checks as required. Checks are grouped by category and can be marked as OpSec safe/unsafe. unsafe checks are only loaded if the /AllowUnsafeRead More

X