RecuperaBit
DFIRMindMaps
RecuperaBit | DFIRMindMaps | |
---|---|---|
5 | 3 | |
504 | 475 | |
- | - | |
5.0 | 1.8 | |
29 days ago | over 1 year ago | |
Python | ||
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
RecuperaBit
- RecuperaBit: A tool for forensic file system reconstruction
-
please help, need disk recovery software free or cheap
RecuperaBit (If you don't mind CLI)
-
Need help, with creating a symlink.
$ sudo -s # cd /opt # git clone https://github.com/Lazza/RecuperaBit.git
-
Pypy is using 16gb of RAM!
I am using a thing called "Recuperabit", could be the problem instead of pypy then...
- Laptop mit einem Klaps ausschalten; praktisch. ANEKDOTE
DFIRMindMaps
What are some alternatives?
xfs_undelete - An undelete tool for the XFS filesystem.
awesome-incident-response - A curated list of tools for incident response
RELY - RELY (Name composed on project members Romy, Esther, Lucille and Yassir) is a python tool developed to help a Digital Forensics Triage procedure on some Microsoft Windows devices.
KapeFiles - This repository serves as a place for community created Targets and Modules for use with KAPE.
ansible-manage-lvm - Ansible role to manage LVM Groups/Logical Volumes
ccl_chrome_indexeddb - (Sometimes partial) Python re-implementations of the technologies involved in reading various data sources in Chrome-esque applications.
mac_apt - macOS (& ios) Artifact Parsing Tool
sysmon-config - Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
INDXRipper - Carve file metadata from NTFS index ($I30) attributes
EventTranscript.db-Research - A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
PSNTFSPermissions - A PowerShell module for getting and managing NTFS permissions in a Windows Active Directory environment.
ntfsdump - An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.