GRR is an Incident Response framework focused on remote live analysis.
The file system analysis capabilities of GRR are provided by:
- libfsntfs
- the The Sleuth Kit and pytsk
The memory analysis and acquisition capabilities of GRR are provided by the Yara project.