The developers presented the project PyREBox, within which an environment for reverse engineering and monitoring the behavior of malicious software was prepared. PyREBox is an add-on above QEMU, equipped with additional tools for inspecting the contents of memory, debugging and dynamic analysis of the system and applications.

Hacking Articles shared tons of manuals and guides of Computer Forensic.

PcapDB is a packet capture system designed to optimize the captured data for fast search in the typical (network incident response) use case. A PcapDB installation consists of a Search Head and one or more Capture Nodes. The Search Head can also be a Capture Node, or it can be a VM somewhere else. The first requirement is that PcapDB is designed to work only on Linux servers. PcapDB uses quite a few off-the-shelf open source systems, and it’s useful to understand how those pieces fit into the larger system.

FastIR Collector is a “Fast Forensic” acquisition tool. It collects different artifacts on live Windows and records the results in csv or json files. Traditional forensics expertise does not keep pace with the development of information technology.