SysScout is a fully encapsulated script that quickly and easily pulls local machine information from Linux-based systems. A simple, easy-to-use Incident Response and Network Forensics tool that doesn't require installation of dependencies and/or additional toolkits.
☆13, Oct 20, 2017, updated 8 years ago
Alternatives and similar repositories for SysScout
Users that are interested in SysScout are comparing it to the libraries listed below
- An updated C# port of X-Ways X-Tensions API. (☆11, Mar 12, 2018, updated 7 years ago)
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis. (☆10, Sep 28, 2020, updated 5 years ago)
- Go command line app to exploit file upload vulnerability (☆12, Feb 8, 2017, updated 9 years ago)
- Carve NTFS USN records from binary data (☆27, May 21, 2017, updated 8 years ago)
- Registry to JSON. This project is for learning purposes and is not maintained. (☆12, Dec 28, 2021, updated 4 years ago)
- Sharing my BITS (☆13, Feb 23, 2018, updated 8 years ago)
- (☆12, Jun 3, 2022, updated 3 years ago)
- A GC link parser for both linkfiles and jumplists. (☆18, Oct 28, 2016, updated 9 years ago)
- interesting analysis (☆16, May 14, 2018, updated 7 years ago)
- Scripts for communication with Bunitu Trojan C&Cs (☆19, Oct 29, 2015, updated 10 years ago)
- A PowerShell function that scans for the existence of a Sticky Keys backdoor. (☆24, Aug 10, 2017, updated 8 years ago)
- Parse Manifest.mbdb files from iTunes backup directories (☆20, Jun 29, 2017, updated 8 years ago)
- Tools to assist in forensicating docker (☆86, Mar 5, 2025, updated 11 months ago)
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information. (☆22, Oct 31, 2018, updated 7 years ago)
- geolocate IP addresses in IIS logs (☆20, Jan 8, 2025, updated last year)
- Manage Your Large Team of Consultants (☆11, Sep 18, 2025, updated 5 months ago)
- Registry hive parsing the async way (☆25, Oct 29, 2025, updated 4 months ago)
- Repository for LNK stuff (☆31, Aug 31, 2022, updated 3 years ago)
- Discover USB device history for a specific user (☆23, Dec 28, 2015, updated 10 years ago)
- iOS Backup Examiner - A forensics tool for parsing an iOS backup's Info.plist file (☆23, Dec 5, 2016, updated 9 years ago)
- This repository is a collection of EnScript code samples for use in the OpenText Endpoint Forensic and OpenText Endpoint Investigator app… (☆54, Jul 14, 2025, updated 7 months ago)
- Tool to parse SRU database (☆25, Mar 1, 2018, updated 8 years ago)
- onigiri - remote malware triage script (☆24, Nov 5, 2015, updated 10 years ago)
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage. (☆26, Oct 27, 2019, updated 6 years ago)
- Powerful commandline $MFT record editor. (☆25, Aug 15, 2015, updated 10 years ago)
- Development guide for Volatility Plugins (☆22, Sep 6, 2017, updated 8 years ago)
- Windows registry samples (☆24, Nov 18, 2018, updated 7 years ago)
- Automatically exported from code.google.com/p/mac-osx-forensics (☆28, Jan 12, 2016, updated 10 years ago)
- (☆23, May 7, 2021, updated 4 years ago)
- An LLM and OCR based Indicator of Compromise Extraction Tool (☆38, Dec 4, 2024, updated last year)
- My Year of Python Repository (☆28, Jun 13, 2020, updated 5 years ago)
- Binaries for the log2timeline projects and dependencies (☆40, Feb 8, 2026, updated 3 weeks ago)
- APFS filesystem format for Kaitai Struct (☆81, Apr 20, 2022, updated 3 years ago)
- Cybersecurity Incidents Mind Maps (☆34, Sep 29, 2021, updated 4 years ago)
- Python library for parsing AccessData AD1 images (☆33, Jun 1, 2023, updated 2 years ago)
- Threathunt details for the Solarwinds compromise (☆33, Jun 26, 2021, updated 4 years ago)
- C++ wrapper for YARA. (☆45, Jan 27, 2020, updated 6 years ago)
- A DFVFS Backed Forensic Viewer (☆42, Apr 13, 2020, updated 5 years ago)
- Minimal C port of UTF8-CPP (☆12, Jun 2, 2019, updated 6 years ago)