janstarke / regview

Related projects: ⓘ

• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆17Updated 3 years ago
• Velocidex / SQLiteHunter
  Hunt for SQLite files used by various applications
  ☆10Updated last month
• woanware / reg-entropy-scanner
  Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileles…
  ☆10Updated 5 years ago
• 0xHasanM / Autopsy-Registry-Explorer
  Autopsy Module to analyze Registry Hives
  ☆13Updated 2 years ago
• 00010111 / gMetaDataParse
  ☆19Updated last year
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• kyle-phillips / adversarial-tools
  A collection of tools adversaries commonly use in an attack.
  ☆14Updated 3 months ago
• net-protect / google-fs-recover
  Google Filestream Forensic Tool
  ☆16Updated 2 years ago
• gajos112 / SRUM-Timeliner
  ☆10Updated 10 months ago
• k3idii / ION
  Indicators of Normality
  ☆12Updated 2 years ago
• dfirlabs / ntfs-specimens
  NTFS file system specimens
  ☆13Updated last year
• AbdulRhmanAlfaifi / SDSParser-rs
  NTFS Security Descriptor Stream ($Secure:$SDS) parser
  ☆13Updated last year
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆24Updated 2 years ago
• nccgroup / mimikatz-detector-busylight
  USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…
  ☆19Updated 2 years ago
• ruppde / yara_rules
  Yara rules
  ☆18Updated last year
• Silv3rHorn / autoripy
  Attempt to replicate the functions of auto_rip by Corey Harrell in Python.
  ☆13Updated last month
• automate-tim / conference-materials
  Speaking materials from conferences I've given
  ☆9Updated 2 years ago
• CD-R0M / YARA
  Hundred Days of Yara Challenge
  ☆12Updated 2 years ago
• ydkhatri / Appx-Analysis
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆13Updated 6 months ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆21Updated 2 weeks ago
• plonxyz / 4n6pi
  ☆14Updated last month
• ydkhatri / jarp
  Just Another broken Registry Parser (JARP)
  ☆15Updated 3 months ago
• g-les / macho_similarity
  Conceptual Methods for Finding Commonalities in Macho Files
  ☆12Updated 6 months ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated last year
• herosi / triage-collector
  ☆20Updated 2 months ago
• iAbdullahMughal / dscan
  D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit
  ☆29Updated 2 months ago
• WithSecureLabs / FLAIR
  F-Secure Lightweight Acqusition for Incident Response (FLAIR)
  ☆16Updated 3 years ago
• stairwell-inc / threat-research
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆21Updated 7 months ago
• SentineLabs / log4j_response
  ☆15Updated 2 years ago
• dwmetz / Axiom-PowerShell
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆10Updated 3 weeks ago