Threat Hunting and Malware Analysis Capabilities

And here a long video by Rob Lee with a big overview of the toolkit:

Download and Install SIFT Workstation VM appliance.

Threat Intelligence and Indicator of Compromise Support.

ewfmount - mount E01 images/split images to view single raw file and metadata.

mount_ewf.py - mount E01 image/split images to view single raw file and metadata.

split ewf (Split E01 files) via mount_ewf.py.

affuse - mount 001 image/split images to view single raw file and metadata.

afflib (All AFFLIB image formats (including beta ones)).

The SIFT Workstation is a collection of tools for forensic investigators and incident responders, put together and maintained by a team at SANS, specifically Rob Lee, and also available bundled as a virtual machine. From my point of view, SIFT is the definitive forensic toolkit!