janstarke / regview
Offline-viewer for registry files
☆11 Updated 3 months ago
Related projects:
- Parser for Sdba memory pool tags ☆17 Updated 3 years ago
- Hunt for SQLite files used by various applications ☆10 Updated last month
- Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileles… ☆10 Updated 5 years ago
- Autopsy Module to analyze Registry Hives ☆13 Updated 2 years ago
- ☆19 Updated last year
- ☆12 Updated 3 years ago
- A collection of tools adversaries commonly use in an attack. ☆14 Updated 3 months ago
- Google Filestream Forensic Tool ☆16 Updated 2 years ago
- ☆10 Updated 10 months ago
- Indicators of Normality ☆12 Updated 2 years ago
- NTFS file system specimens ☆13 Updated last year
- NTFS Security Descriptor Stream ($Secure:$SDS) parser ☆13 Updated last year
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11. ☆24 Updated 2 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec… ☆19 Updated 2 years ago
- Yara rules ☆18 Updated last year
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python. ☆13 Updated last month
- Speaking materials from conferences I've given ☆9 Updated 2 years ago
- Hundred Days of Yara Challenge ☆12 Updated 2 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019) ☆13 Updated 6 months ago
- An experimental Velociraptor implementation using cloud infrastructure ☆21 Updated 2 weeks ago
- ☆14 Updated last month
- Just Another broken Registry Parser (JARP) ☆15 Updated 3 months ago
- Conceptual Methods for Finding Commonalities in Macho Files ☆12 Updated 6 months ago
- ☆34 Updated last year
- ☆20 Updated 2 months ago
- D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit ☆29 Updated 2 months ago
- F-Secure Lightweight Acquisition for Incident Response (FLAIR) ☆16 Updated 3 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆21 Updated 7 months ago
- ☆15 Updated 2 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆10 Updated 3 weeks ago