mstoeck3/forensic-pathways
2
0
Fork 0
Code Issues 3 Pull Requests Projects Releases Activity

prepare prod

Browse Source
This commit is contained in:
overcuriousity 2025-07-27 23:45:30 +02:00
parent a3613327e2
commit b1834aace1
3 changed files with 730 additions and 320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

788
dfir_yaml_editor.html
View File

File diff suppressed because it is too large Load Diff

86
src/data/tags.json
View File

@ -3,17 +3,7 @@
"command-line",
"web-interface",
"cross-platform",
"windows",
"linux",
"macos",
"portable",
"cloud",
"agentless",
"live-acquisition",
"deadbox",
"memory-capture",
"ram-analysis",
"disk-imaging",
"logical-copy",
"physical-copy",
"sparse-image",
@ -25,10 +15,9 @@
"chain-of-custody",
"file-carving",
"metadata-parser",
"registry-viewer",
"artifact-parser",
"log-parser",
"timeline-builder",
"timeline",
"keyword-search",
"regex-search",
"yara-scan",
@ -93,10 +82,71 @@
"court-admissible",
"standards-compliant",
"blockchain-analysis",
"ios-backup",
"android-backup",
"ms365",
"google-workspace",
"slack-export",
"teams-export"
"mobile-app-data",
"system-metadata",
"deleted-file-recovery",
"raw-image-support",
"ewf-support",
"compression",
"disk-signature",
"anomaly-detection",
"behavioral-analysis",
"live-process-view",
"memory-timeline",
"string-search",
"packet-filtering",
"encrypted-traffic",
"malware-unpacking",
"sandboxing",
"virtual-analysis",
"memory-map",
"binary-decode",
"firmware-extraction",
"forensic-snapshots",
"historical-analysis",
"app-provenance",
"usb-history",
"dns-resolution",
"session-reconstruction",
"file-reconstruction",
"protocol-decode",
"encrypted-volume-access",
"registry-hives",
"timeline-correlation",
"selective-imaging",
"forensic-scripting",
"macro-analysis",
"macro-automation",
"keyword-highlighting",
"duplicate-elimination",
"timeline-merge",
"multi-user-support",
"version-control",
"git-integration",
"secure-sharing",
"encrypted-reports",
"evidence-tagging",
"alerting",
"threat-scoring",
"IOC-matching",
"correlation-engine",
"elasticsearch-integration",
"data-enrichment",
"IOC-ingestion",
"taxonomies",
"sandbox-reports",
"memory-signatures",
"forensic-templates",
"structured-output",
"json-export",
"yaml-support",
"automation-ready",
"hash-database",
"integrity-checking",
"forensic-indexing",
"disk-hash-comparison",
"time-normalization",
"zero-footprint",
"recovery-report",
"forensic-logging"
]

176
src/data/tools.yaml
View File

@ -10,13 +10,6 @@ tools:
dafür vollständig transparent und kostenfrei.
skillLevel: intermediate
url: https://www.autopsy.com/
tags:
- gui
- filesystem
- timeline-analysis
- carving
- artifact-extraction
- keyword-search
icon: 📦
domains:
- incident-response
@ -27,13 +20,20 @@ tools:
phases:
- examination
- analysis
tags:
- gui
- filesystem
- timeline-analysis
- carving
- artifact-extraction
- keyword-search
related_concepts:
- SQL Query Fundamentals
- Hash Functions & Digital Signatures
platforms:
- Windows
- Linux
accessType: Download
accessType: download
license: Apache 2.0
knowledgebase: false
- name: Volatility 3
@ -62,7 +62,7 @@ tools:
related_concepts:
- Hash Functions & Digital Signatures
- Regular Expressions (Regex)
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: download
@ -98,7 +98,7 @@ tools:
platforms:
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- collaboration-general
skillLevel: intermediate
@ -172,7 +172,7 @@ tools:
related_concepts:
- Regular Expressions (Regex)
- SQL Query Fundamentals
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: server-based
@ -212,7 +212,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -250,7 +250,7 @@ tools:
platforms:
- Windows
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: beginner
accessType: commercial
@ -285,7 +285,7 @@ tools:
platforms:
- Windows
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: beginner
accessType: commercial
@ -320,7 +320,7 @@ tools:
- Linux
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: server-based
@ -355,7 +355,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: expert
accessType: download
@ -393,7 +393,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -428,7 +428,7 @@ tools:
platforms:
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: beginner
accessType: server-based
@ -470,7 +470,7 @@ tools:
- macOS
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: server-based
@ -510,7 +510,7 @@ tools:
- macOS
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: server-based
@ -547,7 +547,7 @@ tools:
platforms:
- Linux
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: expert
accessType: server-based
@ -583,7 +583,7 @@ tools:
- Windows
- Linux
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: beginner
accessType: download
@ -622,7 +622,7 @@ tools:
- macOS
related_concepts:
- Regular Expressions (Regex)
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: novice
accessType: download
@ -656,7 +656,7 @@ tools:
platforms:
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: commercial
@ -697,7 +697,7 @@ tools:
- Web
related_concepts:
- SQL Query Fundamentals
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: server-based
@ -734,7 +734,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -772,7 +772,7 @@ tools:
platforms:
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- collaboration-general
skillLevel: novice
@ -806,7 +806,7 @@ tools:
platforms:
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- collaboration-general
skillLevel: beginner
@ -842,7 +842,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: download
@ -884,7 +884,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- collaboration-general
skillLevel: novice
@ -967,7 +967,7 @@ tools:
license: Proprietary
knowledgebase: false
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- collaboration-general
- name: GraphSense
@ -989,7 +989,7 @@ tools:
platforms:
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: server-based
@ -1023,7 +1023,7 @@ tools:
- Windows
related_concepts:
- Hash Functions & Digital Signatures
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: beginner
accessType: download
@ -1056,7 +1056,7 @@ tools:
- Linux
related_concepts:
- Hash Functions & Digital Signatures
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: novice
accessType: download
@ -1088,7 +1088,7 @@ tools:
platforms:
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -1125,7 +1125,7 @@ tools:
- macOS
related_concepts:
- SQL Query Fundamentals
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -1161,7 +1161,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -1196,7 +1196,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -1244,7 +1244,7 @@ tools:
license: GPL-3.0
knowledgebase: true
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- specific-os
- name: dd
@ -1265,7 +1265,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: built-in
@ -1298,7 +1298,7 @@ tools:
- Linux
related_concepts:
- Hash Functions & Digital Signatures
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -1331,7 +1331,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -1366,7 +1366,7 @@ tools:
- Linux
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: beginner
accessType: download
@ -1399,7 +1399,7 @@ tools:
platforms:
- Linux
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: download
@ -1431,7 +1431,7 @@ tools:
platforms:
- Windows
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: beginner
accessType: download
@ -1465,7 +1465,7 @@ tools:
platforms:
- Windows
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: beginner
accessType: download
@ -1500,7 +1500,7 @@ tools:
- Windows
- Linux
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -1569,7 +1569,7 @@ tools:
- macOS
related_concepts:
- Regular Expressions (Regex)
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: novice
accessType: built-in
@ -1645,7 +1645,7 @@ tools:
license: Free / Mixed
knowledgebase: false
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- specific-os
- name: Tsurugi Linux
@ -1678,7 +1678,7 @@ tools:
license: GPL / Mixed
knowledgebase: false
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- specific-os
- name: Parrot Security OS
@ -1710,7 +1710,7 @@ tools:
license: GPL-3.0
knowledgebase: false
related_concepts: null
related_software:
related_software: null
domain-agnostic-software:
- specific-os
- name: Eric Zimmerman Tools
@ -1730,7 +1730,7 @@ tools:
platforms:
- Windows
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -1766,7 +1766,7 @@ tools:
- Windows
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: download
@ -1801,7 +1801,7 @@ tools:
platforms:
- Web
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: expert
accessType: commercial
@ -1834,7 +1834,7 @@ tools:
platforms:
- Windows
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: expert
accessType: commercial
@ -1868,7 +1868,7 @@ tools:
platforms:
- Windows
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: commercial
@ -1900,7 +1900,7 @@ tools:
platforms:
- Hardware
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: commercial
@ -1959,7 +1959,7 @@ tools:
- data-collection
platforms: []
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: null
@ -1995,7 +1995,7 @@ tools:
- examination
platforms: []
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: null
@ -2033,7 +2033,7 @@ tools:
platforms:
- macOS
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: download
@ -2068,7 +2068,7 @@ tools:
- analysis
platforms: []
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: null
@ -2100,7 +2100,7 @@ tools:
- analysis
platforms: []
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: intermediate
accessType: null
@ -2132,7 +2132,7 @@ tools:
- examination
platforms: []
related_concepts: null
related_software:
related_software: null
domain-agnostic-software: null
skillLevel: advanced
accessType: null
@ -2209,33 +2209,27 @@ domain-agnostic-software:
name: Betriebssysteme
description: Operating Systems which focus on forensics
scenarios:
- id: registry
icon: 🗃️
friendly_name: "Registry-Analyse"
- id: memory-forensics
- id: disk_imaging
icon: 💽
friendly_name: Datenträgerabbild
- id: memory_dump
icon: 🧠
friendly_name: "Memory-Forensik"
- id: network-traffic
icon: 🌐
friendly_name: "Netzwerk-Traffic"
- id: mobile-forensik
icon: 📱
friendly_name: "Mobile Geräte"
- id: malware-analysis
icon: 🦠
friendly_name: "Malware-Analyse"
- id: timeline-analysis
icon:
friendly_name: "Timeline-Erstellung"
- id: file-recovery
icon: 💾
friendly_name: "Datei-Wiederherstellung"
- id: browser-forensik
friendly_name: RAM-Analyse
- id: file_recovery
icon: 🗑️
friendly_name: Datenrettung
- id: browser_history
icon: 🌍
friendly_name: "Browser-Forensik"
- id: email-forensik
icon: 📧
friendly_name: "E-Mail-Forensik"
- id: log-analysis
icon: 📊
friendly_name: "Log-Analyse"
friendly_name: Browser-Spuren
- id: credential_theft
icon: 🛑
friendly_name: Zugangsdiebstahl
- id: remote_access
icon: 📡
friendly_name: Fernzugriffe
- id: persistence
icon: ♻️
friendly_name: Persistenzsuche
- id: windows-registry
icon: 📜
friendly_name: Registry-Analyse