cristianzsh / amcache-evilhunter
Parse and analyze a Windows Amcache.hve registry hive, with VirusTotal integration.
18 stars, updated last month
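As an added worked example (not amcache-evilhunter's own code), the snippet below shows the analysis half of what the description promises: taking entries already parsed from the hive's `Root\InventoryApplicationFile` key, recovering the SHA-1 that Amcache stores inside each `FileId` value, applying a few coarse triage heuristics, and preparing a VirusTotal API v3 hash lookup without sending it. Reading the hive itself is assumed to have been done beforehand (for instance with the python-registry library); the sample entries, paths, hashes and the `<api key>` placeholder are constructed for the example.

```python
"""Triage of entries parsed from an Amcache.hve InventoryApplicationFile key.

Added example, not amcache-evilhunter's own code. Reading the hive itself is
assumed to have been done already (for instance with python-registry); the
entries below are constructed sample data that mirror the value names found
under Root\\InventoryApplicationFile\\<subkey>.
"""
import re

# Constructed sample entries: paths, hashes and publishers are made up.
SAMPLE_ENTRIES = [
    {"FileId": "0000" + "1a" * 20,
     "LowerCaseLongPath": r"c:\windows\system32\svchost.exe",
     "Publisher": "microsoft corporation"},
    {"FileId": "0000" + "2b" * 20,
     "LowerCaseLongPath": r"c:\users\alice\appdata\local\temp\update.exe",
     "Publisher": ""},
    {"FileId": "not-a-file-id",
     "LowerCaseLongPath": r"c:\programdata\svc.exe",
     "Publisher": ""},
]

SHA1_RE = re.compile(r"^[0-9a-f]{40}$")

# Directory markers ordinary users can write to: a coarse heuristic, not a verdict.
USER_WRITABLE = ("\\appdata\\local\\temp\\", "\\users\\public\\",
                 "\\programdata\\", "\\windows\\temp\\")

VT_FILES_URL = "https://www.virustotal.com/api/v3/files/"


def file_id_to_sha1(file_id):
    """Return the SHA-1 carried in an Amcache FileId, or None if malformed.

    Amcache stores FileId as a 44-character string: the literal prefix "0000"
    followed by the 40 hex digits of the SHA-1 (computed over at most the
    first 31,457,280 bytes of the file).
    """
    if not isinstance(file_id, str) or len(file_id) != 44 or not file_id.startswith("0000"):
        return None
    digest = file_id[4:].lower()
    return digest if SHA1_RE.match(digest) else None


def triage(entries):
    """Return the entries worth a second look, each with its SHA-1 and reasons."""
    findings = []
    for entry in entries:
        reasons = []
        path = entry.get("LowerCaseLongPath", "").lower()
        sha1 = file_id_to_sha1(entry.get("FileId"))
        if sha1 is None:
            reasons.append("malformed FileId; hash cannot be looked up")
        if any(marker in path for marker in USER_WRITABLE):
            reasons.append("binary located in a user-writable directory")
        if not entry.get("Publisher"):
            reasons.append("no publisher recorded")
        if reasons:
            findings.append({"sha1": sha1, "path": path, "reasons": reasons})
    return findings


def vt_lookup_request(sha1, api_key):
    """Build the VirusTotal API v3 lookup (GET /api/v3/files/{hash}) without sending it.

    The caller performs the HTTP request; returning (url, headers) keeps this offline.
    """
    return VT_FILES_URL + sha1, {"x-apikey": api_key}


def parse_vt_stats(response_json):
    """Extract (malicious, suspicious) counts from a VT v3 file object, or None if absent."""
    stats = response_json.get("data", {}).get("attributes", {}).get("last_analysis_stats")
    if not stats:
        return None
    return stats.get("malicious", 0), stats.get("suspicious", 0)


if __name__ == "__main__":
    for hit in triage(SAMPLE_ENTRIES):
        print(hit["path"], hit["sha1"], "; ".join(hit["reasons"]))
        if hit["sha1"]:
            url, headers = vt_lookup_request(hit["sha1"], "<api key>")  # placeholder key
            print("  lookup:", url)
```

The `FileId` handling is the part most often gotten wrong in ad-hoc scripts: submitting the raw 44-character value to VirusTotal never matches, so strip the `0000` prefix first and treat anything that does not leave 40 hex digits as unhashable rather than silently querying garbage.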
Alternatives and similar repositories for amcache-evilhunter
Users interested in amcache-evilhunter are comparing it to the repositories listed below.
- Finding ClickFix and FakeCAPTCHA like it's 1999 (61 stars, updated this week)
- 🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections. (78 stars, updated 5 months ago)
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration… (17 stars, updated 4 months ago)
- A simple script to read the contents of a zip/tar/folder and extract metadata (20 stars, updated 5 months ago)
- Quick ESXi Log Parser (26 stars, updated 3 weeks ago)
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. (49 stars, updated 5 months ago)
- ASR Configurator, Essentials and Atomic Testing (94 stars, updated 5 months ago)
- Tools and scripts to deploy and manage OpenRelik instances (15 stars, updated 3 months ago)
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once? (57 stars, updated 2 months ago)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (34 stars, updated 3 months ago)
- Repo for experimenting and testing MCP server builds for CTI-related research. (27 stars, updated 4 months ago)
- AppLocker Policy Generator (22 stars, updated last month)
- Convert Sigma rules to SIEM queries, directly in your browser. (95 stars, updated last week)
- A comprehensive GenAI protection system designed to protect against malicious prompts, injection attacks, and harmful content. System inc… (73 stars, updated this week)
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… (88 stars, updated 3 weeks ago)
- A tool for fetching DFIR and other GitHub tools. (24 stars, updated 2 months ago)
- Cyber threat intelligence tool suite. (42 stars, updated 6 months ago)
- A really good DFIR automation for collecting and analyzing evidence, designed for cybersecurity professionals. (157 stars, updated 6 months ago)
- Project based on RegRipper, to extract additional value/pivot points from a TLN events file (88 stars, updated 7 months ago)
- Repo that holds write-ups of various research projects I did and/or overall InfoSec things I investigated/researched. (21 stars, updated 9 months ago)
- A simple tool designed to create Atomic Red Team tests with ease. (46 stars, updated 6 months ago)
- The core backend server handling API requests and task management (48 stars, updated last week)
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. (56 stars, updated 3 months ago)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (150 stars, updated last year)
- Parses USB connection artifacts from offline Registry hives (101 stars, updated 3 months ago)
- Sigma detection rules for hunting with the threathunting-keywords project (56 stars, updated 7 months ago)