jeffbryner / NBDServer

Related projects: ⓘ

• strozfriedberg / ntfs-linker
  An NTFS journal parser
  ☆82Updated 8 years ago
• libyal / libvshadow
  Library and tools to access the Volume Shadow Snapshot (VSS) format
  ☆109Updated last month
• log2timeline / dfwinreg
  Digital Forensics Windows Registry (dfWinReg)
  ☆49Updated 4 months ago
• mandiant / AuditParser
  AuditParser
  ☆58Updated 11 years ago
• davehull / Get-StakRank
  A Powershell script for frequency analysis of separated values data files.
  ☆17Updated 10 years ago
• rjhansen / nsrllookup
  Checks with NSRL RDS servers looking for for hash matches
  ☆111Updated 3 years ago
• jschicht / Secure2Csv
  Decode security descriptors in $Secure on NTFS
  ☆20Updated 2 years ago
• TakahiroHaruyama / openioc_scan
  openioc_scan Volatility Framework plugin
  ☆42Updated 8 years ago
• williballenthin / python-ntfs
  Open source Python library for NTFS analysis
  ☆80Updated 6 years ago
• msuhanov / yarp
  Yet another registry parser
  ☆128Updated 2 years ago
• PoorBillionaire / USN-Journal-Parser
  Python script to parse the NTFS USN Journal
  ☆105Updated 2 years ago
• sans-dfir / sift-docs
  ☆37Updated this week
• ralphje / imagemounter
  Command line utility and Python package to ease the (un)mounting of forensic disk images
  ☆116Updated last year
• mantarayforensics / mantaray
  MantaRay Automated Computer Forensic Triage Tool
  ☆63Updated 5 years ago
• dlcowen / dfirwizard
  Example programs used in the automating DFIR series
  ☆64Updated 5 years ago
• EricZimmerman / bstrings
  A better strings utility!
  ☆119Updated last year
• davidhowell-tx / PS-DigitalForensics
  PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts
  ☆56Updated 3 years ago
• EricZimmerman / Prefetch
  Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.
  ☆103Updated last month
• jeffbryner / pyioc
  Python tools for IOC (Indicator of Compromise) handling
  ☆96Updated 2 years ago
• CIRCL / PyMISP
  ☆57Updated this week
• dnlongen / RegLister
  Recurse through a registry, identifying values with large data -- a registry malware hunter
  ☆43Updated 8 years ago
• YahooArchive / PyIOCe
  Python IOC Editor
  ☆61Updated 9 years ago
• glassdfir / SysmonMapper
  Maps process creation logged by Sysmon uses Google Org Chart API
  ☆24Updated 8 years ago
• sans-dfir / sift-files
  ☆64Updated this week
• 0x3a / cryptowall
  Cryptowall Tooling & Information
  ☆35Updated 8 years ago
• sethhall / bro-apt1
  This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.
  ☆47Updated 10 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆56Updated 9 years ago
• maurermj08 / efetch
  Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer.
  ☆36Updated 4 years ago
• rjhansen / nsrlsvr
  ☆82Updated last year
• log2timeline / dfvfs
  Digital Forensics Virtual File System (dfVFS)
  ☆202Updated 4 months ago