NUKIB / maldump
Multi-quarantine extractor
☆34, updated 2 weeks ago

Related projects:
- Dump quarantined files from Windows Defender (☆51, updated 2 years ago)
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare … (☆139, updated 2 months ago)
- Memory Baseliner is a script that can compare two Windows memory images or perform frequency of occurrence / data stacking analysis on mu… (☆47, updated last year)
- JPCERT/CC public YARA rules repository (☆98, updated 2 months ago)
- Carve file metadata from NTFS index ($I30) attributes (☆58, updated 7 months ago)
- Project based on RegRipper, to extract additional value/pivot points from TLN events file (☆74, updated 3 weeks ago)
- Elastic Security Labs releases (☆46, updated 3 weeks ago)
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables (☆109, updated 2 years ago)
- A guide on how to write fast and memory-friendly YARA rules (☆123, updated last year)
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database (☆62, updated last year)
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project (☆90, updated 11 months ago)
- YARA rule analyzer to improve rule quality and performance (☆93, updated 9 months ago)
- $MFT directory tree reconstruction & FILE record info (☆282, updated 7 months ago)
- Search Index Database Reporter (☆87, updated last year)
- Rules shared by the community from 100 Days of YARA 2024 (☆75, updated 5 months ago)
- Command line access to the Registry (☆123, updated 2 weeks ago)
- Collection of scripts used to deobfuscate GOOTLOADER malware samples (☆51, updated last month)
- Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol (☆37, updated 2 weeks ago)
- Remote access and Antivirus Logging Database (☆39, updated 4 months ago)
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub (☆62, updated last year)
- MWDB exercises (☆19, updated 3 months ago)
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction (☆66, updated 9 months ago)
- Collection of Volatility3 symbols, generated against Linux and macOS kernels (☆53, updated this week)
- Documentation repository (☆42, updated 3 weeks ago)
- A specification and style guide for YARA rules (☆34, updated 7 months ago)