Home
Welcome to the forensicator-fate wiki!
This software is described in a Gold Paper written for the GCFA, the cert corresponding to the SANS Institute FOR508 Advanced Forensics course. The paper may be found at the following link: https://www.giac.org/paper/gcfa/9858/forensicator-fate-artisan-engineer/115803. It's also in the SANS Reading Room in the forensics section, linked here: http://www.sans.org/reading-room/whitepapers/forensics/forensicator-fate-artisan-engineer-35522
In short, the paper describes automating the evidence processing phase of a DFIR investigation, using Jenkins to control the automation and storing the results in an ELK (Elasticsearch-Logstash-Kibana) stack for visualisation. A lightweight DFIR case manager is also provided.
A list of current open issues (bugs and enhancement requests) is at: https://github.com/z3ndrag0n/forensicator-fate/issues
Bug reports and requests for enhancement will be accepted with gratitude!