orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
☆34Jun 27, 2025Updated 8 months ago
Alternatives and similar repositories for orc2timeline
Users that are interested in orc2timeline are comparing it to the libraries listed below
Sorting:
- Malware detection tool for Windows PE files based on DFIR ORC data☆10Updated this week
- Configurations for DFIR ORC☆28Mar 28, 2024Updated last year
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 4 months ago
- Guide journalisation Microsoft☆70Feb 23, 2026Updated last week
- 📦 A GitHub Action that performs a security scan of your GitHub Actions.☆26Oct 28, 2024Updated last year
- PowerShell module for Office 365 and Azure log collection☆279Sep 22, 2025Updated 5 months ago
- Python tool to check rootkits in Windows kernel☆207Aug 20, 2025Updated 6 months ago
- Forensics artefact collection tool for systems running Microsoft Windows☆433Mar 26, 2025Updated 11 months ago
- Offline amnesic live Linux distribution☆14Mar 8, 2025Updated 11 months ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to …☆27Jul 13, 2022Updated 3 years ago
- ☆15Oct 29, 2024Updated last year
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- CRACK AND CHECK HASH TYPES IN BULK☆13Jul 28, 2021Updated 4 years ago
- CLI generator for Velociraptor offline collector☆16Oct 10, 2025Updated 4 months ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- The backend server handling API requests and task management☆56Updated this week
- Example of a serverless web reconaissance workflow's AWS architecture.☆11Feb 25, 2023Updated 3 years ago
- ☆23May 19, 2019Updated 6 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 4 years ago
- ☆20Feb 6, 2024Updated 2 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- Pythonize Intruder Payload☆13Dec 15, 2020Updated 5 years ago
- Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build.☆17Aug 17, 2020Updated 5 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- 010 template for apfs☆26Feb 26, 2021Updated 5 years ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆181May 27, 2025Updated 9 months ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- PoC for extracting office files into PDF file metadata☆11Sep 11, 2019Updated 6 years ago
- A Splunk Technology Add-on to forward filtered ETW events.☆30Oct 14, 2020Updated 5 years ago
- Rapports techniques de VIGINUM☆36Sep 15, 2025Updated 5 months ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 3 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆77Dec 15, 2025Updated 2 months ago
- Simple tmux session management.☆16Dec 16, 2023Updated 2 years ago
- ☆18Sep 14, 2023Updated 2 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 2 years ago
- Parses USB connection artifacts from offline Registry hives☆107Feb 8, 2026Updated 3 weeks ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- Qovery Github action allowing to deploy application.☆12Aug 1, 2023Updated 2 years ago
- ☆21Nov 19, 2025Updated 3 months ago