davidhowell-tx / PS-DigitalForensicsLinks
PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts
☆56Updated 5 years ago
Alternatives and similar repositories for PS-DigitalForensics
Users that are interested in PS-DigitalForensics are comparing it to the libraries listed below
Sorting:
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆25Updated 2 years ago
- Queries to parse sysmon event log file with microsoft logparser☆58Updated 10 years ago
- PS / Bash / Python / Other scripts For FUN!☆56Updated last month
- A powershell script for creating a Windows honeyport.☆91Updated 9 months ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆44Updated 9 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Updated 7 years ago
- BTG's purpose is to make fast and efficient search on IOC☆71Updated 7 years ago
- Fast incident overview☆41Updated 8 years ago
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word☆41Updated 9 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆107Updated 5 years ago
- Python tool and library to help analyze files during malware triage and analysis.☆78Updated 5 years ago
- A warehouse for your malware☆135Updated last month
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆82Updated 8 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆88Updated 8 years ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Updated 6 years ago
- Basic demo for Hidden Treasure talk.☆49Updated 8 years ago
- Incident Response Scripts☆30Updated 5 years ago
- Some IR notes☆73Updated 9 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆41Updated 5 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Updated 8 years ago
- PowerShell No Agent Hunting☆110Updated 7 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- ☆52Updated 7 years ago
- Comprehensive Pivoting Framework☆20Updated 9 years ago
- ☆54Updated 5 years ago
- Modular tool to test exfiltration techniques.☆37Updated 8 years ago
- DocBleachShell is the integration of the great DocBleach, https://github.com/docbleach/DocBleach Content Disarm and Reconstruction tool i…☆21Updated 3 years ago
- ☆97Updated 9 years ago
- NCC Group Ransomware Simulator☆69Updated 9 years ago
- Mass static malware analysis tool☆95Updated 3 years ago