harelsegev / prefetch-hash-crackerLinks
A small util to brute-force prefetch hashes
☆77Updated 3 years ago
Alternatives and similar repositories for prefetch-hash-cracker
Users that are interested in prefetch-hash-cracker are comparing it to the libraries listed below
Sorting:
- RegRipper4.0☆52Updated last month
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- Initial triage of Windows Event logs☆99Updated last year
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- Yara Rules for Modern Malware☆77Updated last year
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 6 months ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 2 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆94Updated 2 years ago
- Open IOC sharing platform☆55Updated 7 months ago
- Linux Evidence Acquisition Framework☆119Updated 8 months ago
- IOC Collection 2022☆57Updated 2 years ago
- An exercise to practice deobfuscating PowerShell Scripts.☆28Updated 2 years ago
- Windows symbol tables for Volatility 3☆87Updated 11 months ago
- Default Detections for EDR☆96Updated last year
- ShellSweeping the evil.☆53Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated 2 years ago
- ☆33Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆95Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 2 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆240Updated 2 months ago
- ☆38Updated 3 years ago
- Evtx Log (xml) Browser☆56Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Python based CLI for MalwareBazaar☆37Updated 7 months ago
- ☆38Updated 3 years ago