ThreatResponse / margaritashotgunView external linksLinks
Remote Memory Acquisition Tool
☆253Sep 22, 2020Updated 5 years ago
Alternatives and similar repositories for margaritashotgun
Users that are interested in margaritashotgun are comparing it to the libraries listed below
Sorting:
- Python installable command line utiltity for mitigation of host and key compromises.☆347Jul 23, 2021Updated 4 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Jul 7, 2018Updated 7 years ago
- Web based analysis platform for use with the AWS_IR command line tool.☆17Aug 4, 2016Updated 9 years ago
- Python module for evaluation of AWS account best practices around incident handling readieness.☆55Jun 26, 2020Updated 5 years ago
- A python module for orchestrating content acquisitions and analysis via amazon ssm.☆58Nov 2, 2023Updated 2 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆345Jun 25, 2022Updated 3 years ago
- Tools for AWS forensics☆65Mar 4, 2016Updated 9 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆504Oct 21, 2022Updated 3 years ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆553Mar 31, 2022Updated 3 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆78Jan 9, 2024Updated 2 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- Proof of concept incident response demo using SSM and AWS Fargate.☆14Dec 5, 2019Updated 6 years ago
- (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…☆631Jan 11, 2024Updated 2 years ago
- DPS' Lightweight Investigation Notebook☆433Dec 31, 2023Updated 2 years ago
- Configuration files for the SOF-ELK VM☆1,715Jan 21, 2026Updated 3 weeks ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- Web App for Volatility framework☆389Jan 13, 2026Updated last month
- CyLR - Live Response Collection Tool☆708Jun 1, 2022Updated 3 years ago
- Scripts and code referenced in CrowdStrike blog posts☆336Nov 13, 2019Updated 6 years ago
- Office365 Log Analysis Framework☆81Jun 6, 2019Updated 6 years ago
- ☆230Apr 16, 2025Updated 10 months ago
- ☆374Feb 23, 2024Updated last year
- Collection of scripts and resources for DevSecOps and Automated Incident Response Security☆635Jan 14, 2026Updated last month
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- Script for automating Linux memory capture and analysis☆274Feb 1, 2020Updated 6 years ago
- A python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local hos…☆158Aug 26, 2020Updated 5 years ago
- Collaborative forensic timeline analysis☆3,265Updated this week
- Incident Response Methodologies☆1,018Aug 2, 2018Updated 7 years ago
- AWS Live Response☆11Sep 19, 2017Updated 8 years ago
- Assorted classes and methods for indexing reports and retrieving information from an elastic index☆21Jul 5, 2016Updated 9 years ago
- Super timeline all the things☆2,010Feb 10, 2026Updated last week
- An information security preparedness tool to do adversarial simulation.☆1,142Apr 1, 2019Updated 6 years ago
- checks site content against known good ssdeep hash, identifies matches☆10Jun 2, 2019Updated 6 years ago
- Powershell Threat Hunting Module☆289Sep 21, 2016Updated 9 years ago
- A Powershell incident response framework☆1,639Nov 22, 2022Updated 3 years ago
- Sandia Cyber Omni Tracker (SCOT)☆253Nov 4, 2024Updated last year
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago