I wondered about forensic analysis of Synology NAS, especially how to create a memory dump, but unfortunately, I was not able to find any useful howtos. I had to try it myself, but as a 1st step I needed a running instance of Synology DSM (DiskStation Manager, the web-based OS running on Synology NAS). Because I do not have any real HW Synology NAS, I decided to try it as a Virtual Machine.
Some people asked me what tools can be useful for Incident Response and for the CSIRT/CERT teams, so I decided to prepare list of such tools and seize the opportunity of the Open Source Weekend in Košice, Slovakia on 19th October. The motivation behind this list is help to enthusiasts and new teams to prepare and/or strengthen technical equipment needed for incident response with minimal costs. On the other hand, the participation of clever and engaged people is always required for similar tasks in cybersecurity, and use of Open Source and Free(ware) tools can have some caveats with need of more tinkering or adjustments.