KasperskyLab / ForensicsToolsLinks
Tools for DFIR
☆120Updated 7 years ago
Alternatives and similar repositories for ForensicsTools
Users that are interested in ForensicsTools are comparing it to the libraries listed below
Sorting:
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- Page File analysis tools.☆128Updated 9 years ago
- Yet another registry parser☆134Updated 3 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆196Updated 5 months ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆118Updated 4 years ago
- Python script for extracting USB information from Windows registry hives☆128Updated 6 years ago
- Windows Live Artifacts Acquisition Script☆189Updated 3 years ago
- Python script to decode common encoded PowerShell scripts☆216Updated 7 years ago
- A collection of infosec related scripts and information.☆53Updated 10 months ago
- Allows you to quickly query a Windows machine for RAM artifacts☆220Updated 5 years ago
- SEC599 supporting GitHub repository☆16Updated 5 years ago
- Detecting Lateral Movement with Machine Learning☆138Updated 7 years ago
- Tools from WFA 4/e, timeline tools, etc.☆141Updated last year
- Tools for the Computer Incident Response Team☆144Updated 8 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆119Updated last year
- PowerShell No Agent Hunting☆109Updated 7 years ago
- Collecting & Hunting for IOCs with gusto and style☆241Updated 4 years ago
- Cuckoo running in a nested hypervisor☆128Updated 5 years ago
- Lazy Office Analyzer☆122Updated 8 years ago
- A modern Python-3-based alternative to RegRipper☆196Updated 4 months ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆179Updated 4 years ago
- PE Import Hash Generator☆81Updated 8 years ago
- Malware Analysis, Threat Intelligence and Reverse Engineering: LABS☆82Updated 4 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆82Updated 7 years ago
- Differential Analysis of Malware in Memory☆212Updated 8 years ago
- Incident Response Triage - Windows Evidence Collection for Forensic Analysis☆134Updated 9 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆81Updated 4 years ago
- Process HTTP Pcaps With YARA☆105Updated 12 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- Repository of yara rules☆60Updated 2 years ago