ANSSI-FR / orc2timeline
orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
☆34 | Jun 27, 2025 | Updated 7 months ago
Alternatives and similar repositories for orc2timeline
Users that are interested in orc2timeline are comparing it to the libraries listed below
- Malware detection tool for Windows PE files based on DFIR ORC data ☆10 | Sep 9, 2025 | Updated 5 months ago
- Configurations for DFIR ORC ☆28 | Mar 28, 2024 | Updated last year
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules. ☆16 | Oct 22, 2025 | Updated 3 months ago
- Microsoft logging guide ☆69 | Feb 3, 2026 | Updated last week
- 📦 A GitHub Action that performs a security scan of your GitHub Actions. ☆25 | Oct 28, 2024 | Updated last year
- PowerShell module for Office 365 and Azure log collection ☆280 | Sep 22, 2025 | Updated 4 months ago
- Python tool to check rootkits in Windows kernel ☆207 | Aug 20, 2025 | Updated 5 months ago
- Forensics artefact collection tool for systems running Microsoft Windows ☆431 | Mar 26, 2025 | Updated 10 months ago
- Offline amnesic live Linux distribution ☆14 | Mar 8, 2025 | Updated 11 months ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to … ☆27 | Jul 13, 2022 | Updated 3 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual ☆14 | Jul 13, 2022 | Updated 3 years ago
- Server for receiving autorun data from the clients ☆13 | Sep 26, 2017 | Updated 8 years ago
- ☆13 | Oct 29, 2024 | Updated last year
- Crack and check hash types in bulk ☆13 | Jul 28, 2021 | Updated 4 years ago
- CLI generator for Velociraptor offline collector ☆15 | Oct 10, 2025 | Updated 4 months ago
- The backend server handling API requests and task management ☆55 | Updated this week
- Example of a serverless web reconnaissance workflow's AWS architecture. ☆11 | Feb 25, 2023 | Updated 2 years ago
- ☆23 | May 19, 2019 | Updated 6 years ago
- A Canary which fires when uninstalled ☆34 | Mar 16, 2021 | Updated 4 years ago
- Scripts that I've written that others may find useful ☆14 | Aug 17, 2022 | Updated 3 years ago
- ☆20 | Feb 6, 2024 | Updated 2 years ago
- Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build. ☆17 | Aug 17, 2020 | Updated 5 years ago
- PoC for extracting office files into PDF file metadata ☆11 | Sep 11, 2019 | Updated 6 years ago
- A PowerShell script to prevent Sysmon from writing its events ☆16 | Apr 23, 2020 | Updated 5 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019) ☆19 | Feb 26, 2024 | Updated last year
- Pythonize Intruder Payload ☆13 | Dec 15, 2020 | Updated 5 years ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com… ☆180 | May 27, 2025 | Updated 8 months ago
- A Splunk Technology Add-on to forward filtered ETW events. ☆30 | Oct 14, 2020 | Updated 5 years ago
- VIGINUM technical reports ☆36 | Sep 15, 2025 | Updated 4 months ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation ☆38 | Dec 7, 2025 | Updated 2 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence… ☆76 | Dec 15, 2025 | Updated last month
- ☆18 | Sep 14, 2023 | Updated 2 years ago
- Simple tmux session management. ☆16 | Dec 16, 2023 | Updated 2 years ago
- Kibana app for RedELK ☆18 | Mar 19, 2023 | Updated 2 years ago
- Parses USB connection artifacts from offline Registry hives ☆107 | Updated this week
- macOS Artifact Intelligence Tool ☆13 | Apr 30, 2019 | Updated 6 years ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt… ☆17 | Jun 11, 2024 | Updated last year
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV ☆18 | Sep 3, 2024 | Updated last year
- Our fork of Iceman's fork for Proxmark III ☆18 | Dec 14, 2024 | Updated last year