Dump quarantined files from Windows Defender
☆75Apr 6, 2022Updated 3 years ago
Alternatives and similar repositories for defender-dump
Users that are interested in defender-dump are comparing it to the libraries listed below
Sorting:
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Multi-quarantine extractor☆52Feb 4, 2026Updated last month
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 10 months ago
- Utilizing DLang For Offensive Operations.☆14May 29, 2025Updated 9 months ago
- Thor Artifacts for Velociraptor☆19Dec 2, 2025Updated 3 months ago
- an open source python deobfuscator for pyobfuscate.com☆40Jul 28, 2024Updated last year
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h…☆14Jun 21, 2024Updated last year
- This is a repository for reporting any issues in any of my software☆13May 15, 2018Updated 7 years ago
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- Carve file metadata from NTFS index ($I30) attributes☆71Feb 3, 2024Updated 2 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Vault of Windows Registry forensic artifacts☆28Nov 12, 2025Updated 3 months ago
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Praser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery …☆20Jul 18, 2023Updated 2 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Sep 13, 2023Updated 2 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- ☆21May 8, 2022Updated 3 years ago
- ☆28Oct 15, 2025Updated 4 months ago
- USN Journal full path builder☆65Sep 16, 2024Updated last year
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆310Sep 3, 2023Updated 2 years ago
- Toolkit for Filesystem based Data Hiding Techniques.☆39Sep 13, 2019Updated 6 years ago
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆51Jan 9, 2026Updated last month
- Best Repo for learn DDOS ( Send me Stars ⭐ )☆36Feb 5, 2026Updated last month
- Parent Process ID Spoofing, coded in CGo.☆24Apr 21, 2025Updated 10 months ago
- ☆24Mar 12, 2025Updated 11 months ago
- Initial triage of Windows Event logs☆106Jun 16, 2024Updated last year
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…☆10Jul 15, 2023Updated 2 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…☆11Jun 19, 2025Updated 8 months ago
- Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.☆27Dec 1, 2022Updated 3 years ago
- Discord HTTP requests interception POC, including backup codes requests, for educational purposes only.☆25Jul 11, 2024Updated last year
- ☆37Nov 8, 2024Updated last year
- A fucking real shellcode loader with a GUI. Work-in-Progress.☆82Jun 25, 2025Updated 8 months ago
- extract chromium-based browser's cookies using chrome's remote debugging without admin rights☆22Nov 3, 2024Updated last year
- Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…☆30May 5, 2025Updated 10 months ago
- Parser for $LogFile on NTFS☆215Jun 1, 2025Updated 9 months ago
- ☆309Aug 14, 2020Updated 5 years ago
- HardwareTurningPoint, Fully Go Compatible Hardware Breakpoint☆16Jan 30, 2025Updated last year