Python code illustrating different operating system terminologies, techniques, and solutions
☆70Nov 20, 2022Updated 3 years ago
Alternatives and similar repositories for OS
Users that are interested in OS are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- geolocate ip addresses in IIS logs☆20Jan 8, 2025Updated last year
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Aug 6, 2022Updated 3 years ago
- Everything related to Linux Forensics☆718Jul 13, 2023Updated 2 years ago
- Malware Samples that could be used for teaching students about malware analysis.☆64Apr 8, 2024Updated last year
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- Extension blocks as found in ShellBags and other places in the Registry☆25Jan 7, 2025Updated last year
- allowing um r/w through km from um ioctl ™☆11Jan 2, 2022Updated 4 years ago
- Certipy in Docker☆13Mar 28, 2024Updated last year
- Tools for macOS Forensic Bootable media☆16May 20, 2020Updated 5 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Python for Defenders Course Resources☆20Mar 12, 2026Updated last week
- XOrCryptEx lightweight C Utility/Algorithm☆11Mar 3, 2022Updated 4 years ago
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- Repository of Yara Rules☆141Mar 16, 2026Updated last week
- isodump - ISO dump utility☆41Jun 9, 2019Updated 6 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…☆14Mar 25, 2015Updated 11 years ago
- Set up a quick and dirty audit log on an SQLite db.☆16May 16, 2013Updated 12 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆79Jan 9, 2024Updated 2 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Jul 16, 2019Updated 6 years ago
- A small tool to unmap PE memory dumps.☆11Nov 9, 2023Updated 2 years ago
- Bachelor Thesis for XAMK - Machine Learning Methods for Malware Detection and Classification☆13Jan 29, 2020Updated 6 years ago
- All in one - Malware + Analysis by Cylance☆11Nov 23, 2018Updated 7 years ago
- Python bindings for LZFSE☆18Jul 9, 2020Updated 5 years ago
- ☆19Jan 14, 2026Updated 2 months ago
- A Repository to Track Anti-Forensic Techniques☆119Mar 8, 2023Updated 3 years ago
- High-level Threat Intelligence playbooks☆20Mar 6, 2021Updated 5 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆117Jan 26, 2022Updated 4 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Sep 13, 2023Updated 2 years ago
- Disassembler Library for x86 and x86-64☆15Apr 7, 2020Updated 5 years ago
- Modified version of i.j Shell Property Sheets Export/Import 32☆11Nov 17, 2020Updated 5 years ago
- Take a QEMU binary, copy the dependencies into a chroot☆11Oct 5, 2022Updated 3 years ago
- ☆27Mar 2, 2022Updated 4 years ago