joshbrunty / SysScout
SysScout is a fully encapsulated script that quickly and easily pulls local machine information from Linux-Based systems. A simple, easy to use Incident Response and Network Forensics tool that doesn't require installation of dependencies and/or additional toolkits.
☆13Updated 7 years ago
Alternatives and similar repositories for SysScout:
Users that are interested in SysScout are comparing it to the libraries listed below
- Extract common Windows artifacts from source images and VSCs☆65Updated 3 years ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆44Updated 8 years ago
- RegRipper wrapper for simplified bulk parsing or registry hives☆9Updated 6 years ago
- Tool to parse SRU database☆24Updated 7 years ago
- Different DFIR and CTI utilities☆36Updated 4 years ago
- Registry Miner☆14Updated 7 years ago
- VMware Snapshot Forensic Comparison Scripts☆25Updated 12 years ago
- Event Log Analysis Tools☆29Updated 8 years ago
- Windows registry samples☆23Updated 6 years ago
- A GC link parser for both linkfiles and jumplists.☆18Updated 8 years ago
- Mass Triage Tools☆20Updated 2 months ago
- Volatility plugins created by the author☆44Updated 9 years ago
- Binary commandline executable to parse ETL files☆67Updated 6 years ago
- Fast incident overview☆39Updated 8 years ago
- A Windows Event Processing Utility☆46Updated 7 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Updated 7 years ago
- Python tools for IOC (Indicator of Compromise) handling☆96Updated 3 years ago
- dnssinkholelist is a python package focused on combining open source lists of malicious domains, dynamic dns domains, and advertisement d…☆18Updated 9 years ago
- Web based analysis platform for use with the AWS_IR command line tool.☆17Updated 8 years ago
- Tools for parsing Forensic images☆41Updated 6 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Updated 6 years ago
- Discover USB device history for a specific user☆22Updated 9 years ago
- Parses IE's Automatic Crash Recovery Files☆16Updated 8 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Updated 6 years ago
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs☆13Updated 6 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Updated 8 years ago
- Forensic Scanner☆41Updated 12 years ago
- threadmap plugin for Volatility Foundation☆27Updated 3 years ago
- Some dfir stuff☆31Updated 3 years ago