Minoru Kobayashi

@unkn0wnbit.bsky.social

Digital Forensic Investigator (Windows/macOS), Black Hat USA 2018 speaker (https://bit.ly/3yyXDLT), CISSP, Network Security Engineer

43 Followers  |  20 Following  |  6 Posts  |  Joined: 07.02.2024

Posts by Minoru Kobayashi (@unkn0wnbit.bsky.social)

Streamline Digital Evidence Collection with CyberPipe 5.2 CyberPipe, developed for incident response, is a PowerShell script facilitating efficient digital evidence collection in enterprise settings. Recent updates include improved collection methods, capabilities like QuickTriage for faster artifact gathering, and enhanced reliability with advanced error handling. Version 5.2 aims to streamline operations while ensuring forensic integrity and transparency. #DFIR

CyberPipe, a PowerShell script for digital evidence collection, has been updated with enhancements in collection, capabilities, and reliability. New features include intelligent collection with dual disk space validation, a QuickTriage profile, and improved BitLocker recovery. #DFIR

16.10.2025 14:23 — 👍 3    🔁 2    💬 0    📌 0

DataTUI
A fast, keyboard‑first terminal data viewer built with Rust and Ratatui. DataTUI lets you explore CSV/TSV, Excel, and SQLite data with tabs, sorting, filtering, SQL (via Polars), and more.
#DFIR

datatui.io

07.09.2025 11:26 — 👍 2    🔁 0    💬 0    📌 0
Running EZ Tools Natively on Linux: A Step-by-Step Guide | SANS Institute A blog about installing and running EZ Tools on a Linux system

Running EZ Tools Natively on Linux: A Step-by-Step Guide #DFIR
www.sans.org/blog/running...

08.05.2025 02:29 — 👍 1    🔁 0    💬 0    📌 0

Release uac-3.1.0 · tclahr/uac Changelog All notable changes to this project will be documented in this file. 3.1.0 (2025-03-20) Highlights Added collection of hidden /etc/ld.so.preload using debugfs and xfs_db tools, enhancing...

UAC (Unix-like Artifacts Collector) v3.1.0 has been released.
Also, my tool for acquiring /etc/ld.so.preload, which is hidden by rootkits, has been merged.
#DFIR #Linux

github.com/tclahr/uac/r...

20.03.2025 12:26 — 👍 1    🔁 1    💬 0    📌 0
GitHub - mnrkbys/fjta: FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals, generates timelines, and detects suspicious activities. FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals, generates timelines, and detects suspicious activities. - mnrkbys/fjta

Hi #DFIR community,
I'm excited to announce that I have published my new forensic tool for analyzing journal data from #Linux file systems (EXT4 and XFS).
It’s called Forensic Journal Timeline Analyzer (FJTA).
🔗 github.com/mnrkbys/fjta

This tool requires TSK's develop branch to recognize XFS.

25.02.2025 10:33 — 👍 2    🔁 0    💬 1    📌 0

XFS Implementation by eyalgolan1337 · Pull Request #3118 · sleuthkit/sleuthkit this branch is based on #1461. I added a test so we can merge the xfs implementation

Finally, The Sleuth Kit has added support for XFS! I'll try it out later.
github.com/sleuthkit/sl...
#DFIR #Linux

15.01.2025 04:04 — 👍 0    🔁 0    💬 0    📌 0
GitHub - tclahr/uac: UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, ... UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD...

#UAC (Unix-like Artifacts Collector) v3.0.0 has been released. Many of my PRs were also merged! #DFIR #Linux

github.com/tclahr/uac

23.10.2024 01:04 — 👍 2    🔁 1    💬 0    📌 0