
Factual Rules Generator
#Incident Management #Digital Forensics
DMG2IMG is a tool for converting Apple compressed dmg archives to standard image disk files with support for zlib, bzip2, and LZFSE compression.
Factual Rules Generator: An Open Source Tool for YARA Rule Creation
Factual Rules Generator is an open-source project designed to create YARA rules based on the software installed on a running operating system.
The software aims to apply a specific set of rules to collected digital forensic evidence in order to identify installed software efficiently.
It can be used to establish baselines for known software on Windows systems and to create rules for identifying similar installations on other systems. The required dependencies include pefile, psutil, ndjson, python-tlsh, PyInstaller, ssdeep, as well as additional tools like xxd and curl.