☆18 | Apr 16, 2015 | Updated 10 years ago
Alternatives and similar repositories for linewatch
Users that are interested in linewatch are comparing it to the libraries listed below
- Parses for Google Analytic values in raw files like RAM, DD images etc. | ☆18 | Apr 17, 2016 | Updated 9 years ago
- Useful scripts, rules etc. for use with YARA | ☆27 | Feb 12, 2021 | Updated 5 years ago
- Parse Manifest.mbdb files from iTunes backup directories | ☆20 | Jun 29, 2017 | Updated 8 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" | ☆11 | Feb 6, 2025 | Updated last year
- F-Secure Lightweight Acquisition for Incident Response (FLAIR) | ☆16 | Jul 5, 2021 | Updated 4 years ago
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database | ☆14 | Nov 19, 2021 | Updated 4 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser | ☆14 | Jan 9, 2023 | Updated 3 years ago
- Webhood is a privately hosted URL scanner used by threat hunters and security analysts for analyzing phishing and malicious sites. | ☆31 | Oct 7, 2024 | Updated last year
- Some dfir stuff | ☆31 | Jan 12, 2022 | Updated 4 years ago
- LNK to JSON | ☆14 | Mar 7, 2019 | Updated 6 years ago
- Windows Forensics Salt States | ☆21 | Feb 23, 2026 | Updated last week
- not the worst forensics regexp—this is not the primary repo; caveat programmer | ☆30 | May 7, 2019 | Updated 6 years ago
- Convert Windows Netmon Monitor Mode Wireless Packet Captures to Libpcap Format | ☆15 | Jul 20, 2019 | Updated 6 years ago
- Homographs: brutefind homographs within a font | ☆19 | Apr 21, 2017 | Updated 8 years ago
- Digital Forensic Investigative Scripts | ☆87 | Feb 6, 2026 | Updated 3 weeks ago
- Quickly generate snort rules for IOCs | ☆18 | Oct 21, 2015 | Updated 10 years ago
- Git for me to put all my forensics stuff | ☆23 | Sep 2, 2025 | Updated 6 months ago
- Google Filestream Forensic Tool | ☆22 | Mar 10, 2022 | Updated 3 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging. | ☆21 | Nov 13, 2022 | Updated 3 years ago
- incident response scripts | ☆18 | Mar 4, 2019 | Updated 6 years ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository | ☆22 | Feb 18, 2021 | Updated 5 years ago
- Recover event log entries from an image by heuristically looking for record structures. | ☆26 | Oct 9, 2015 | Updated 10 years ago
- Recover EXT filesystem info from carved directory blocks | ☆19 | Jun 23, 2017 | Updated 8 years ago
- Extract useful information from a Twitter account. | ☆35 | Jan 1, 2014 | Updated 12 years ago
- Create a MS Word index file from PowerPoint notes and slides | ☆46 | Sep 6, 2025 | Updated 5 months ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information. | ☆22 | Oct 31, 2018 | Updated 7 years ago
- Various DFIR Tools | ☆27 | Jul 23, 2018 | Updated 7 years ago
- Generate a histogram of TCP and UDP payload bytes from a pcap file | ☆24 | Aug 1, 2022 | Updated 3 years ago
- Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values | ☆23 | Sep 3, 2016 | Updated 9 years ago
- This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, dire… | ☆54 | Oct 15, 2019 | Updated 6 years ago
- Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs | ☆101 | Jun 2, 2021 | Updated 4 years ago
- PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM. | ☆51 | Jan 25, 2018 | Updated 8 years ago
- Jupyter notebooks for threat hunting | ☆60 | Mar 26, 2025 | Updated 11 months ago
- lnk_parser is a full Rust implementation to parse Windows LNK files | ☆23 | Feb 17, 2026 | Updated last week
- Home to the ActorTrackr source code | ☆24 | Jun 21, 2017 | Updated 8 years ago
- Autoruns plugin for the Volatility framework