MasterParser is a simple, all-in-one, digital forensics artifact parser
☆24Jul 9, 2021Updated 4 years ago
Alternatives and similar repositories for MasterParser
Users that are interested in MasterParser are comparing it to the libraries listed below
Sorting:
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆209Oct 19, 2020Updated 5 years ago
- Disk Image Mounting Script☆11Jan 22, 2026Updated last month
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- ☆21Aug 31, 2022Updated 3 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Virustotal Data to Timesketch☆16Feb 28, 2019Updated 7 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Aug 8, 2020Updated 5 years ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- AFF4 Standard Documents☆29Feb 4, 2022Updated 4 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆42Sep 21, 2023Updated 2 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Scripts for MacOS related tasks.☆18Feb 16, 2020Updated 6 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆45Aug 17, 2020Updated 5 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆46Jan 2, 2022Updated 4 years ago
- Mass Triage Tools☆20Dec 16, 2025Updated 2 months ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Oct 25, 2023Updated 2 years ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆19Jun 2, 2021Updated 4 years ago
- A Windows registry file parser written in Rust☆41Oct 30, 2025Updated 4 months ago
- ☆24Mar 12, 2025Updated 11 months ago
- Dissect triage scripts for Citrix NetScaler devices☆69Nov 17, 2025Updated 3 months ago
- Recon Hunt Queries☆79May 16, 2021Updated 4 years ago
- Kestrel Jupyter Notebook Kernel☆10Oct 19, 2023Updated 2 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- A utility to force query DNS over DoH off of CloudFlare API when DNS block is in place☆10Aug 26, 2018Updated 7 years ago
- Netwitness Maltego integration Project☆18May 9, 2017Updated 8 years ago
- Mimikatz embedded as classes☆28Oct 25, 2021Updated 4 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Various tools and scripts☆43Nov 30, 2022Updated 3 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆118Oct 8, 2023Updated 2 years ago
- Various capabilities for static malware analysis.☆80Sep 4, 2024Updated last year
- Parsers for .mdf file of Microsoft SQL Server (MSSQL)☆15Mar 28, 2020Updated 5 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Feb 12, 2020Updated 6 years ago
- ☆14Mar 6, 2025Updated 11 months ago
- Script to download and decrypt memories and MEO from Snapchat on IOS. Requires the keys for memories to be present in the keychain, as we…☆15Oct 31, 2022Updated 3 years ago