Dump quarantined files from Windows Defender
☆78 · Apr 6, 2022 · Updated 4 years ago
Alternatives and similar repositories for defender-dump
Users that are interested in defender-dump are comparing it to the libraries listed below.
- Just Another broken Registry Parser (JARP) ☆16 · May 23, 2024 · Updated 2 years ago
- Multi-quarantine extractor ☆56 · Mar 3, 2026 · Updated 2 months ago
- an open source python deobfuscator for pyobfuscate.com ☆40 · Jul 28, 2024 · Updated last year
- Utilizing DLang For Offensive Operations. ☆15 · May 29, 2025 · Updated 11 months ago
- Thor Artifacts for Velociraptor ☆19 · Dec 2, 2025 · Updated 5 months ago
- Capture. Detonate. Collect ☆14 · Sep 20, 2024 · Updated last year
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses. ☆22 · Sep 30, 2022 · Updated 3 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆43 · Jul 18, 2022 · Updated 3 years ago
- ☆21 · May 8, 2022 · Updated 4 years ago
- Vault of Windows Registry forensic artifacts ☆30 · Nov 12, 2025 · Updated 6 months ago
- This is a repository for reporting any issues in any of my software ☆13 · May 15, 2018 · Updated 8 years ago
- Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments. ☆24 · Jan 6, 2025 · Updated last year
- Carve file metadata from NTFS index ($I30) attributes ☆73 · Feb 3, 2024 · Updated 2 years ago
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h… ☆14 · Jun 21, 2024 · Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆69 · Sep 13, 2023 · Updated 2 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. ☆327 · Sep 3, 2023 · Updated 2 years ago
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Parser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery … ☆21 · Jul 18, 2023 · Updated 2 years ago
- Disassemble V8 Ignition bytecode. ☆12 · Jan 2, 2024 · Updated 2 years ago
- A fucking real shellcode loader with a GUI. Work-in-Progress. ☆82 · Jun 25, 2025 · Updated 11 months ago
- ☆23 · Mar 12, 2025 · Updated last year
- USN Journal full path builder ☆69 · Apr 16, 2026 · Updated last month
- ☆22 · Jan 31, 2023 · Updated 3 years ago
- ☆37 · Nov 8, 2024 · Updated last year
- Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i.e. they get a Line #/ta… ☆33 · May 11, 2026 · Updated 2 weeks ago
- Near compile-time string obfuscation for Golang ☆13 · Oct 3, 2023 · Updated 2 years ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients. ☆85 · May 18, 2026 · Updated last week
- ☆10 · Apr 19, 2026 · Updated last month
- Reverse engineering malware samples ☆16 · Dec 3, 2021 · Updated 4 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables. ☆118 · Jan 26, 2022 · Updated 4 years ago
- ☆31 · Feb 12, 2026 · Updated 3 months ago
- Extract Chromium-based browsers' cookies using Chrome's remote debugging without admin rights ☆22 · Nov 3, 2024 · Updated last year
- This repository contains a tool that can encrypt all types of files and give the encrypted output in the form of an encrypted shellcode. P… ☆16 · Dec 21, 2021 · Updated 4 years ago
- HardwareTurningPoint, Fully Go Compatible Hardware Breakpoint ☆16 · Jan 30, 2025 · Updated last year
- The first open source runtime windows batch and command line deobfuscator ☆42 · Aug 20, 2025 · Updated 9 months ago
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms! ☆26 · Dec 1, 2022 · Updated 3 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆257 · Oct 29, 2025 · Updated 6 months ago
- Discord HTTP requests interception POC, including backup codes requests, for educational purposes only. ☆24 · Jul 11, 2024 · Updated last year
- Demonstrate the new FileDispositionInfoEx behavior ☆15 · Nov 6, 2017 · Updated 8 years ago