dfirlabs / ntfs-specimens
NTFS file system specimens
☆14Updated last year
Related projects ⓘ
Alternatives and complementary repositories for ntfs-specimens
- Just Another broken Registry Parser (JARP)☆16Updated 5 months ago
- ☆19Updated last year
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆13Updated 8 months ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆22Updated 9 months ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Yara rules☆20Updated last year
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- ☆10Updated last year
- macOS Artifact Intelligence Tool☆13Updated 5 years ago
- Forensic cheatsheets for use with cheat☆15Updated 2 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- A DFVFS Backed Forensic Viewer☆39Updated 4 years ago
- Site for IWS book content☆18Updated 6 years ago
- Google Filestream Forensic Tool☆16Updated 2 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Git for me to put all my forensics stuff☆21Updated 2 months ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- Steezy - Ghetto Yara Generation☆15Updated last year
- An extendable tool to extract and aggregate IoCs from threat feeds☆32Updated 9 months ago
- ☆24Updated 2 years ago
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆13Updated 3 months ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆25Updated 2 years ago
- Hundred Days of Yara Challenge☆12Updated 2 years ago
- Miscellaneous Scripts☆17Updated 4 years ago
- Python 3 library to build YARA rules.☆13Updated 3 years ago
- volatility-runner is a command line application designed to speed up memory forensics using the volatility framework, primarily for insta…☆11Updated 5 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 2 years ago
- LNK to JSON☆14Updated 5 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 9 months ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated last year