CyberPipe-Timeliner: From Collection to Timeline in One Script
CyberPipe-Timeliner was developed in response to a colleague’s query about integrating Magnet Response collections with ForensicTimeliner. This tool automates the workflow, transforming collection data into a unified forensic timeline. With features like date filtering and flexible input options, it streamlines the timeline generation process, making it efficient and user-friendly. #DFIR
CyberPipe v5.3: Enhanced PowerShell Compatibility and Reliability
I’m pleased to announce the release of CyberPipe v5.3, bringing critical compatibility improvements for Windows PowerShell 5.1 and enhanced reliability across all PowerShell environments. The Problem: After releasing v5.2 with the new unified banner design, several users reported an interesting issue: CyberPipe would execute perfectly in PowerShell Core, but in Windows PowerShell 5.1, the script would…
Streamline Digital Evidence Collection with CyberPipe 5.2
CyberPipe, developed for incident response, is a PowerShell script facilitating efficient digital evidence collection in enterprise settings. Recent updates include improved collection methods, capabilities like QuickTriage for faster artifact gathering, and enhanced reliability with advanced error handling. Version 5.2 aims to streamline operations while ensuring forensic integrity and transparency. #DFIR
Cross-Platform DFIR Tools: MalChelaGUI on Windows
A trick and a treat this week with a quiet milestone for cross-platform DFIR tooling: MalChelaGUI now runs seamlessly inside Windows through Ubuntu WSL2, with zero configuration required. #DFIR #MalwareAnalysis
Is your USB device slowing down your forensic investigation?
In digital forensics, reliable storage is essential for effective workflows. Crabwise, a USB benchmarking utility, addresses performance variability by calculating read and write speeds under direct conditions, bypassing caching. It logs results for easy comparison, allowing users to optimize connections. This tool ensures informed decisions on hardware setups, improving efficiency and consistency in forensics tasks.
Enhance Threat Hunting with MITRE Lookup in MalChela 3.0.2
The recent update of MalChela 3.0.2 introduces MITRE Lookup, a tool that allows forensic investigators to search the MITRE ATT&CK framework offline. This feature enhances investigation speed by supporting keyword and Technique ID searches while providing tactic categories and detection guidance. Users can save results directly for future reference, enhancing analysis efficiency.
Toby-Find: Simplifying Command-Line Forensics Tools
Toby-Find is a terminal-based tool designed for digital forensics, providing users with an easy way to discover command-line tools available in KALI and REMnux. Initially created for a university course, it allows quick searches for tools, descriptions, and examples, enhancing usability in forensic analysis without memorization or manual searching.
Sharper Strings and Smarter Signals: MalChela 3.0.1
MalChela v3.0.1 is live. Sharper strings. Smarter signals.
This update tightens forensic detection across the board:
• Improved mstrings output and MITRE mappings
• Built-in MITRE technique lookup (GUI)
• FileMiner gets "select all" + subtool optimizations
• Smarter regex, better signal-to-noise for analysts
• Compiled & tuned for…
Portable Forensics with Toby: A Raspberry Pi Toolkit
Toby is a compact, portable forensics toolkit built on a Raspberry Pi Zero 2 W, designed for ease of use in field analysis and malware triage. It operates headlessly via SSH or VNC, supports various forensic tools, and offers modular connectivity and power options.
MalChela v3.0: Case Management, FileMiner, and Smarter Triage
MalChela v3.0 enhances investigative workflows by introducing cases for organization, replacing MismatchMiner with FileMiner for improved file analysis, and suggesting tools based on file characteristics, streamlining the analysis process. #MalChela #DFIR #MalwareAnalysis