artifactcollector command
Package artifactcollector provides software that collects forensic artifacts on systems. These artifacts can be used in forensic investigations to understand attacker behavior on compromised computers.
Features
The artifactcollector offers the following features:
- Runs on Windows, Linux and macOS
- Can extract files, directories, registry entries, command and WMI output
- Uses the configurable and extensible [Forensics Artifacts](https://github.com/forensicanalysis/artifacts)
- Creates a forensicstore as [structured output](https://github.com/forensicanalysis/forensicstore)
- Open source
Directories
Path | Synopsis |
---|---|
artifacts | Package artifacts provides functions for parsing and validating forensic artifact definition files. |
assets | |
build | |
build/go | |
build/go/context | |
build/go/fs | Package fs defines basic interfaces to a file system. |
collect | |
collector | Package collector provides functions to collect forensicartifacts into a forensicstore. |
doublestar | Package doublestar provides a globbing function for io/fs. |
store | |
store/aczip | Package zip provides support for reading and writing ZIP archives. |
- Version: v0.17.1 (latest)
- Published: Oct 19, 2024
- Platform: linux/amd64
- Imports: 3 packages