Recover EXT filesystem info from carved directory blocks
☆19 · Jun 23, 2017 · Updated 8 years ago
Alternatives and similar repositories for analyzeEXT
Users that are interested in analyzeEXT are comparing it to the libraries listed below
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train. ☆20 · Feb 20, 2020 · Updated 6 years ago
- Digital Forensic Investigative Scripts ☆87 · Feb 6, 2026 · Updated 3 weeks ago
- ☆13 · Apr 6, 2016 · Updated 9 years ago
- CDPO is a tool to validate, de-duplicate, combine, query, and encrypt track data recovered from a breach. ☆15 · Jun 23, 2017 · Updated 8 years ago
- LNK to JSON ☆14 · Mar 7, 2019 · Updated 6 years ago
- A GC link parser for both linkfiles and jumplists. ☆18 · Oct 28, 2016 · Updated 9 years ago
- Different DFIR and CTI utilities ☆39 · May 13, 2020 · Updated 5 years ago
- Hunt malware with Volatility ☆47 · Jul 9, 2025 · Updated 7 months ago
- Parse Manifest.mbdb files from iTunes backup directories ☆20 · Jun 29, 2017 · Updated 8 years ago
- Carve files for MFT entries (eg. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if re… ☆22 · Jun 3, 2019 · Updated 6 years ago
- ☆18 · Apr 16, 2015 · Updated 10 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information. ☆23 · Oct 31, 2018 · Updated 7 years ago
- A Windows Event Processing Utility ☆47 · Feb 21, 2018 · Updated 8 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System ☆26 · Sep 26, 2020 · Updated 5 years ago
- Log Examination Tool ☆27 · Oct 11, 2016 · Updated 9 years ago
- OpenHIPS prevents exploitation of Windows systems ☆35 · Jan 7, 2013 · Updated 13 years ago
- Tools for the Computer Incident Response Team ☆150 · Apr 17, 2017 · Updated 8 years ago
- Some dfir stuff ☆31 · Jan 12, 2022 · Updated 4 years ago
- A massive collection of Cybersecurity papers, guides and reports. ☆10 · Jan 3, 2025 · Updated last year
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer ☆41 · Jul 29, 2020 · Updated 5 years ago
- Personal settings for X-Ways Forensics ☆32 · Apr 28, 2022 · Updated 3 years ago
- Manage VT Alerts ☆62 · Oct 4, 2016 · Updated 9 years ago
- Some IR notes ☆73 · Jul 23, 2016 · Updated 9 years ago
- Automated forensics written in PowerShell ☆34 · Sep 29, 2019 · Updated 6 years ago
- Python script to batch query the Tor Relays and Bridges ☆38 · Mar 8, 2019 · Updated 6 years ago
- A DFVFS Backed Forensic Viewer ☆42 · Apr 13, 2020 · Updated 5 years ago
- Sample SecOps scripts and Utilities ☆12 · Jun 19, 2024 · Updated last year
- morphHTA - Morphing Cobalt Strike's evil.HTA ☆10 · Jun 3, 2017 · Updated 8 years ago
- MFT Fast Transcoder is a fast forensic tool to analyze MFT of NTFS partitions. ☆12 · Feb 27, 2023 · Updated 3 years ago
- Network Shredder IDS ☆11 · Aug 14, 2024 · Updated last year
- Work Fast With the pattern matching swiss knife for malware researchers. ☆38 · Mar 26, 2016 · Updated 9 years ago
- A Windows registry file parser written in Rust ☆41 · Oct 30, 2025 · Updated 4 months ago
- A boot record parser that identifies known good signatures for MBR, VBR and IPL. ☆96 · Feb 12, 2025 · Updated last year
- Extensible Storage Engine (ESE) Database File Knowledge Base ☆46 · Dec 23, 2025 · Updated 2 months ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 · Feb 6, 2025 · Updated last year
- Wrapper for TSK (Sleuth Kit) Bindings ☆12 · Jan 10, 2023 · Updated 3 years ago
- PlayStation GPU (WIP) ☆17 · Oct 3, 2023 · Updated 2 years ago
- TLD records archive. Revisiting the original TLDR project by mandatoryprogrammer, on the hunt for more root nameserver changes. ☆11 · Dec 4, 2022 · Updated 3 years ago