MarkBaggett / ese-analyst
This is a set of tools for doing forensics analysis on Microsoft ESE databases.
☆124Updated 3 years ago
Alternatives and similar repositories for ese-analyst:
Users that are interested in ese-analyst are comparing it to the libraries listed below
- Detection Ideas & Rules repository.☆179Updated 3 years ago
- A PowerShell incident response script for quick triage☆80Updated 2 years ago
- ☆5Updated 4 months ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆112Updated last year
- Invoke-LiveResponse☆146Updated 3 years ago
- ☆33Updated 4 months ago
- ATT&CK Remote Threat Hunting Incident Response☆200Updated 3 months ago
- Scripts to facilitate filtering with Plaso☆124Updated 4 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆55Updated last month
- Documentation repository☆44Updated 6 months ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆201Updated 3 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- ☆86Updated last year
- Automagically extract forensic timeline from volatile memory dump☆128Updated 10 months ago
- ☆48Updated last week
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆71Updated last year
- Digital Forensics Artifacts Knowledge Base☆78Updated 9 months ago
- Get all my software☆151Updated 2 months ago
- A GeoIP lookup utility utilizing ipinfo.io services.☆84Updated last year
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- Pushes Sysmon Configs☆89Updated 3 years ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆107Updated last year
- Resources for SANS CTI Summit 2021 presentation☆102Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆52Updated last year
- Security Monitoring Resolution Categories☆138Updated 3 years ago
- 2021 SANS DFIR Summit: Greppin' Logs☆21Updated 3 years ago
- Microsoft Threat Protection Advance Hunting Cheat Sheet☆79Updated 4 years ago
- A community event for security researchers to share their favorite notebooks☆107Updated last year
- Command line access to the Registry☆137Updated last month
- Software downloads☆97Updated 2 months ago