libyal / reviveit

Related projects: ⓘ

• 504ensicsLabs / find_times
  Discover potential timestamps within the Windows Registry
  ☆18Updated 10 years ago
• 0pc0deFR / YaraRules
  Multiple rules for yara-project for detect compiler/packer/protector
  ☆32Updated 4 years ago
• 504ensicsLabs / regdecoderlive
  This is a copy of the Registry Decoder Live repository from Google Code
  ☆9Updated 9 years ago
• Rurik / PE_Carver
  Carves EXEs from given data files, using intelligent carving based upon PE headers
  ☆36Updated 7 years ago
• mubix / FakeNetBIOS
  See here:
  ☆41Updated 11 years ago
• bsi-group / autorun-logger-server
  Server for receiving autorun data from the clients
  ☆13Updated 6 years ago
• neriberto / hg
  A tool to download malwares
  ☆15Updated last year
• w8mej / IRKnowledge
  A curated list of tools for incident response
  ☆27Updated 6 months ago
• gleeda / misc-scripts
  misc scripts
  ☆36Updated 5 years ago
• woanware / TargetAnalyser
  Tool for analysts to perform simultaneous lookups (IP, Domain, URL, MD5) against multiple data sources
  ☆29Updated 7 years ago
• libyal / libhibr
  Library and tools to access the Windows Hibernation File (hiberfil.sys) format
  ☆13Updated 2 months ago
• 403labs / recon-ng_modules
  Recon-ng modules that won't get accepted into the main distribution because of 3rd party dependencies.
  ☆17Updated 10 years ago
• JamesHabben / MalwareStuff
  ☆16Updated 9 years ago
• cocaman / retefe
  Artefacts from various retefe campaigns
  ☆10Updated 5 years ago
• sysforensics / SLARF
  ☆14Updated this week
• MarioVilas / vuln_tools
  Tools to work with vulnerability standards.
  ☆19Updated 10 years ago
• libyal / libagdb
  Library and tools to access the Windows SuperFetch database format
  ☆12Updated 2 months ago
• PoorBillionaire / Windows-Prefetch-Carver
  Carve Windows Prefetch files from arbitrary binary data
  ☆14Updated 7 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆40Updated 4 years ago
• nccgroup / firstexecution
  Collection of different ways to execute code outside of the expected entry points
  ☆15Updated 11 years ago
• securesean / sdbScanner
  Volatility Plugin to scan for shimmed processes in Windows
  ☆10Updated 9 years ago
• prolsen / yara-rules
  ☆13Updated this week
• blacktop / docker-nsrl
  ☆12Updated this week
• Rurik / FileInfo
  Basic file metadata gathering script
  ☆21Updated 2 years ago
• 51x / LWHP
  Linux and Windows Hardening Points
  ☆12Updated 6 years ago
• ShellcodeSmuggler / IAT_POC
  POC for IAT Parsing Payloads
  ☆46Updated 7 years ago
• blacktop / language-yara
  Yara syntax highlighting
  ☆24Updated 3 years ago
• Schillings / the-endorser
  ☆18Updated this week
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• jpalanco / ekanalyzer
  Exploit kit analyzer
  ☆21Updated 9 years ago