herosi / triage-collectorLinks
☆23Updated last year
Alternatives and similar repositories for triage-collector
Users that are interested in triage-collector are comparing it to the libraries listed below
Sorting:
- ☆36Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Imphash-like calculation on Golang binaries☆49Updated 3 years ago
- ☆33Updated 3 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- ☆15Updated 3 years ago
- Quick ESXi Log Parser☆26Updated this week
- ETW forensic tool for Volatility3 plugin☆16Updated 11 months ago
- Lazarus analysis tools and research report☆57Updated last year
- Documentation and parsers for different anti-virus quarantine formats.☆42Updated 4 years ago
- A multi-threaded malware sample downloader based upon given MD-5/SHA-1/SHA-256 hashes, using multiple malware databases.☆30Updated 2 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆43Updated 4 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Yara Rules for Modern Malware☆79Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆45Updated 2 years ago
- ShellSweeping the evil.☆53Updated last year
- A collection of my yara rules☆34Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 10 months ago
- ☆21Updated 7 months ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated 2 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Updated 2 years ago
- Carve file metadata from NTFS index ($I30) attributes☆71Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆96Updated 3 years ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 3 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆35Updated 2 years ago
- Static Decryptor for IcedID Malware☆18Updated 3 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 3 years ago