Unfurl takes a URL and expands ("unfurls") it into a directed graph, extracting every bit of information from the URL and exposing the obscured. It does this by breaking up a URL into components, extracting as much information as it can from each piece, and presenting it all visually. This "show your work" approach (along with embedded references and documentation) makes the analysis transparent to the user and helps them learn about (and discover) semantic and syntactical URL structures.
Unfurl has parsers for URLs from popular search engines, social media sites, mail services, and chat applications. It also has more generic parsers (timestamps, UUIDs, base64, and more) helpful for exploring new URLs or reverse engineering. It's also easy to build new parsers, since Unfurl is open source (Python 3) and has an extensible plugin system.
No matter if you extracted a URL from a memory image, carved it from slack space, or pulled it from a browser's history file, Unfurl can help you get the most out of it.
Ryan Benson, @_RyanBenson, Security Engineer, Google
The annual SANS Digital Forensics & Incident Response (DFIR) Summit is the most comprehensive DFIR event of the year, bringing together a passionate and influential group of experts, cutting edge research and tools, immersive training, and industry networking opportunities. Learn more about this event at [ Ссылка ]
DFIRCON 2020 - Live Online
sans.org/event/dfircon-2020-live-online
Virtual, US Eastern | Mon, Nov 2 - Sat, Nov 7, 2020
Courses Available:
FOR308: Digital Forensics Essentials - NEW
FOR498: Battlefield Forensics & Data Acquisition
FOR500: Windows Forensic Analysis
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
FOR518: Mac and iOS Forensic Analysis and Incident Response
FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response
FOR578: Cyber Threat Intelligence
FOR585: Smartphone Forensic Analysis In-Depth
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
