Minoru Kobayashi
unkn0wnbit.bsky.social
Digital Forensic Investigator (Windows/macOS), Black Hat USA 2018 speaker (https://bit.ly/3yyXDLT), CISSP, Network Security Engineer
Reposted by Minoru Kobayashi
CyberPipe, a PowerShell script for digital evidence collection, has been updated with enhancements in collection, capabilities, and reliability. New features include intelligent collection with dual disk space validation, a QuickTriage profile, and improved BitLocker recovery. #DFIR
Streamline Digital Evidence Collection with CyberPipe 5.2
CyberPipe, developed for incident response, is a PowerShell script facilitating efficient digital evidence collection in enterprise settings. Recent updates include improved collection methods, capabilities like QuickTriage for faster artifact gathering, and enhanced reliability with advanced error handling. Version 5.2 aims to streamline operations while ensuring forensic integrity and transparency. #DFIR
bakerstreetforensics.com
October 16, 2025 at 2:24 PM
DataTUI
A fast, keyboard‑first terminal data viewer built with Rust and Ratatui. DataTUI lets you explore CSV/TSV, Excel, and SQLite data with tabs, sorting, filtering, SQL (via Polars), and more.
#DFIR

datatui.io
September 7, 2025 at 11:26 AM
Running EZ Tools Natively on Linux: A Step-by-Step Guide #DFIR
www.sans.org/blog/running...
Running EZ Tools Natively on Linux: A Step-by-Step Guide | SANS Institute
A blog about installing and running EZ Tools on a Linux system
www.sans.org
May 8, 2025 at 2:29 AM
UAC (Unix-like Artifacts Collector) v3.1.0 has been released.
Also, my tool for acquiring /etc/ld.so.preload, which is hidden by rootkits, has been merged.
#DFIR #Linux

github.com/tclahr/uac/r...
Release uac-3.1.0 · tclahr/uac
Changelog All notable changes to this project will be documented in this file. 3.1.0 (2025-03-20) Highlights Added collection of hidden /etc/ld.so.preload using debugfs and xfs_db tools, enhancing...
github.com
March 20, 2025 at 12:26 PM
Hi #DFIR community,
I'm excited to announce that I have published my new forensic tool for analyzing journal data from #Linux file systems (EXT4 and XFS).
It’s called Forensic Journal Timeline Analyzer (FJTA).
🔗 github.com/mnrkbys/fjta

This tool requires TSK's develop branch to recognize XFS.
GitHub - mnrkbys/fjta: FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals, generates timelines, and detects suspicious activities.
github.com
February 25, 2025 at 10:33 AM
Finally, The Sleuth Kit has added support for XFS! I'll try it out later.
github.com/sleuthkit/sl...
#DFIR #Linux
XFS Implementation by eyalgolan1337 · Pull Request #3118 · sleuthkit/sleuthkit
this branch is based on #1461. I added a test so we can merge the xfs implementation
github.com
January 15, 2025 at 4:04 AM