hashlookup project

The hashlookup project provides a complete set of open source tools and open standards to look up hash values against a database of known files. Hashlookup helps to improve and speed up Digital Forensics and Incident Response (DFIR) by publishing a readily accessible list of metadata for known files.

Presentations

Public online hashlookup services

Tools using hashlookup services or dataset

Maintained by hashlookup.io project

  • hashlookup-forensic-analyser analyses a forensic target (such as a directory) and reports which files are found and not found in the CIRCL hashlookup public service, or offline with Bloom filters. This tool can help a digital forensic investigator establish the context and origin of specific files during a digital forensic investigation.
  • hashlookup-gui provides a multi-platform Graphical User Interface for hashlookup.
  • PyHashlookup is a client API in Python to query CIRCL hashlookup.
  • MISP module hashlookup expansion is a MISP module that looks up and expands hashes using hashlookup.
  • a-ray-grass is a yara module that provides support for DCSO format Bloom filters in yara. In the context of hashlookup, it allows known files to be quickly discarded using the hashlookup Bloom filters, "pour séparer le grain de l'ivraie" (to separate the wheat from the chaff).

Maintained by others

Public dataset

Who is behind the hashlookup project

The project is run by @adulau and @gallypette with the help of many contributors. Don't hesitate to follow our Mastodon account @[email protected].
