davidhowell-tx / PS-DigitalForensicsLinks
PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts
☆56Updated 4 years ago
Alternatives and similar repositories for PS-DigitalForensics
Users that are interested in PS-DigitalForensics are comparing it to the libraries listed below
Sorting:
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆23Updated last year
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word☆41Updated 8 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆86Updated 7 years ago
- A warehouse for your malware☆133Updated 12 years ago
- A powershell script for creating a Windows honeyport.☆89Updated 4 months ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆45Updated 8 years ago
- Queries to parse sysmon event log file with microsoft logparser☆56Updated 10 years ago
- Basic demo for Hidden Treasure talk.☆49Updated 7 years ago
- PS / Bash / Python / Other scripts For FUN!☆55Updated 5 months ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- Python tool and library to help analyze files during malware triage and analysis.☆78Updated 5 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆106Updated 5 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Updated 8 years ago
- ☆52Updated 6 years ago
- Some IR notes☆73Updated 9 years ago
- ☆97Updated 9 years ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Updated 6 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆82Updated 7 years ago
- Fast incident overview☆40Updated 8 years ago
- PowerShell No Agent Hunting☆110Updated 7 years ago
- Spacebin is a proof-of-concept malware that exfiltrates data (from No Direct Internet Access environments) via triggering AV on the endpo…☆88Updated 8 years ago
- Modular tool to test exfiltration techniques.☆37Updated 8 years ago
- DocBleachShell is the integration of the great DocBleach, https://github.com/docbleach/DocBleach Content Disarm and Reconstruction tool i…☆21Updated 3 years ago
- NCC Group Ransomware Simulator☆69Updated 9 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Updated 7 years ago
- A Windows Event Processing Utility☆47Updated 7 years ago
- ☆59Updated 6 years ago
- Automated install scripts for Cuckoo sandbox☆37Updated 7 years ago
- Incident Response Scripts☆30Updated 5 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆38Updated 7 years ago