Popular repositories
- usnjrnl-forensic Public
The most comprehensive NTFS USN Journal parser: full path reconstruction (CyberCX Rewind), TriForce correlation (MFT + LogFile + UsnJrnl), ghost record recovery, anti-forensics detection, timestomp…
Rust 31
Repositories
- issen Public
Point it at disk + memory evidence; get a correlated, ATT&CK-mapped attack timeline. Rust DFIR orchestrator: one command ingests E01/EWF/VMDK/raw + memory dumps, parses NTFS/registry/EVTX/prefetch/LNK/SRUM/browser/Amcache + memory (processes, netstat, injection), correlates into a DuckDB super-timeline, scans threat-intel, and reports.
- zip-forensic Public
Pure-Rust forensic ZIP toolkit: zip-full-core reader (no C-FFI, all common codecs + decryption) and zip-forensic anomaly auditor
- 4n6mount Public
Mount forensic disk images, archives & memory dumps as a filesystem on Linux/macOS/Windows — ext4/NTFS/exFAT/HFS+/APFS/ISO, EWF/VMDK/AFF4, AD1, zip/7z/tar, LiME/AVML/crash dumps. FUSE + Dokan, ro/rw COW overlay, deleted-file browsing, NSRL filtering. Pure Rust, Apache-2.0.
- aff4-forensic Public
Pure-Rust read-only AFF4 disk-image reader (aff4) + forensic integrity analyzer (aff4-forensic)
- forensicnomicon Public
DFIR artifact catalog (6,554 artifacts, LOL/LOFL binaries, abusable sites) plus the normalized report vocabulary the SecurityRonin analyzer fleet shares — offline Rust library + 4n6query CLI
- ad1-forensic Public
Pure-Rust reader + forensic auditor for AccessData AD1 logical images (FTK Imager Custom Content Image)
- blazehash Public
Forensic file hasher — BLAKE3 at 1,640 MB/s, 25 hash algorithms, Ed25519 + post-quantum signing, Bitcoin timestamps, YARA scanning, 50+ remote backends. hashdeep for the modern era.
- memory-forensic Public
Walk any memory dump. Find what's hidden. Linux + Windows kernel forensics from a single static Rust binary — no Python required.