EricZimmerman / Get-ZimmermanTools

Related projects: ⓘ

• EricZimmerman / ericzimmerman.github.io
  Software downloads
  ☆89Updated last week
• AndrewRathbun / Awesome-KAPE
  A curated list of KAPE-related resources
  ☆154Updated 4 months ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆53Updated last year
• MarkBaggett / ese-analyst
  This is a set of tools for doing forensics analysis on Microsoft ESE databases.
  ☆123Updated 2 years ago
• EricZimmerman / KapeDocs
  Documentation repository
  ☆42Updated 3 weeks ago
• digitalsleuth / WIN-FOR
  Windows Forensics Environment Builder
  ☆106Updated 3 months ago
• AndrewRathbun / VanillaWindowsReference
  A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …
  ☆139Updated 2 months ago
• strozfriedberg / sidr
  Search Index Database Reporter
  ☆87Updated last year
• EricZimmerman / RECmd
  Command line access to the Registry
  ☆123Updated 2 weeks ago
• ekristen / cast
  Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux
  ☆99Updated this week
• blueteam0ps / AllthingsTimesketch
  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
  ☆90Updated 11 months ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆84Updated 3 months ago
• EricZimmerman / SQLECmd
  ☆44Updated 2 weeks ago
• MalwareArchaeology / ARTHIR
  ATT&CK Remote Threat Hunting Incident Response
  ☆196Updated 5 years ago
• mark-hallman / plaso_filters
  Scripts to facilitate filtering with Plaso
  ☆124Updated 4 years ago
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆62Updated last year
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆105Updated last year
• EricZimmerman / MFTECmd
  Parses $MFT from NTFS file systems
  ☆183Updated this week
• redcanaryco / surveyor
  A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
  ☆170Updated last month
• dlcowen / sansfor509
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆170Updated last week
• 13Cubed / Abeebus
  A GeoIP lookup utility utilizing ipinfo.io services.
  ☆83Updated 9 months ago
• AndrewRathbun / DFIRRegex
  A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
  ☆84Updated last year
• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆123Updated 4 months ago
• dwmetz / CyberPipe
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆266Updated 3 weeks ago
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆74Updated 3 weeks ago
• forensicanalysis / artifacts
  📇 Digital Forensics Artifact Repository (forensicanalysis edition)
  ☆71Updated 7 months ago
• mbevilacqua / appcompatprocessor
  "Evolving AppCompat/AmCache data analysis beyond grep"
  ☆192Updated 3 years ago
• brimorlabs / rdpieces
  The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images
  ☆76Updated last year
• marcurdy / dfir-toolset
  Dump of organized knowledge on DFIR
  ☆132Updated 2 years ago
• Beercow / OneDriveExplorer
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆170Updated last month