The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.
☆13 · Sep 9, 2020 · Updated 5 years ago
Alternatives and similar repositories for DFUR-Splunk-App
Users that are interested in DFUR-Splunk-App are comparing it to the libraries listed below
- ☆24 · Aug 30, 2019 · Updated 6 years ago
- Registry to JSON. This project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- Public exploits ☆16 · May 28, 2018 · Updated 7 years ago
- Python bindings for https://github.com/omerbenamram/mft ☆23 · Dec 23, 2025 · Updated 2 months ago
- Vulnerability Assessment Module - OpenVAS with Elastic stack using VulnWhisperer ☆20 · Jun 11, 2019 · Updated 6 years ago
- Linux-KVM with rVMI extensions ☆22 · Aug 28, 2017 · Updated 8 years ago
- ☆17 · Jan 21, 2026 · Updated 2 months ago
- ☆50 · Aug 11, 2023 · Updated 2 years ago
- Testing your Serverless projects with Jest the easy way! ☆27 · Jan 3, 2023 · Updated 3 years ago
- A collection of book recommendations by Martin Shkreli ☆18 · Apr 3, 2024 · Updated last year
- Coming to a place near you..... ☆25 · Jun 29, 2015 · Updated 10 years ago
- Provides access to libhashcat ☆31 · Apr 6, 2024 · Updated last year
- Pure Python binary analysis framework ☆23 · Oct 26, 2018 · Updated 7 years ago
- Recover EXT filesystem info from carved directory blocks ☆19 · Jun 23, 2017 · Updated 8 years ago
- MiniDump a process in memory with Rust ☆37 · Jun 20, 2021 · Updated 4 years ago
- Resolves DLL API entrypoints for a process with remote query capabilities. ☆58 · Jun 23, 2017 · Updated 8 years ago
- General purpose and malware-specific analysis tools ☆101 · Oct 22, 2015 · Updated 10 years ago
- AWS EKS Cluster Forensics ☆23 · Aug 16, 2021 · Updated 4 years ago
- Bash Recon Scan - Recon and scan a network using Bash ☆31 · Jun 19, 2022 · Updated 3 years ago
- FireEye alert JSON files to MISP Malware Information Sharing Platform (Alpha) ☆32 · Jun 11, 2017 · Updated 8 years ago
- Netwitness Maltego integration project ☆18 · May 9, 2017 · Updated 8 years ago
- A table containing CTF challenge links and their corresponding walkthroughs from different platforms. ☆11 · Oct 23, 2022 · Updated 3 years ago
- A library for fast parsing and import of the Windows Master File Table ($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 8 months ago
- A few scripts I put together to send and receive data from an Azure Log Analytics workspace leveraging the Azure Monitor HTTP Data Collec… ☆22 · May 22, 2023 · Updated 2 years ago
- Library for Object Linking and Embedding (OLE) data types ☆12 · Nov 27, 2025 · Updated 3 months ago
- Server for receiving autorun data from the clients ☆13 · Sep 26, 2017 · Updated 8 years ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough ☆11 · Feb 3, 2022 · Updated 4 years ago
- PyCommand scripts for Immunity Debugger ☆37 · Jun 21, 2014 · Updated 11 years ago
- ☆16 · Feb 23, 2021 · Updated 5 years ago
- A collection of custom skills that extend Claude's capabilities with specialized workflows, methods, and domain knowledge. ☆44 · Mar 13, 2026 · Updated last week
- Matt's DFIR blog ☆14 · Jul 28, 2025 · Updated 7 months ago
- libemu shim layer and Win32 environment for Unicorn Engine ☆73 · Apr 14, 2017 · Updated 8 years ago
- Python-based cloud node for local use ☆11 · Mar 7, 2018 · Updated 8 years ago
- Jupyter Notebooks for Digital Forensics & Incident Response ☆10 · Nov 23, 2021 · Updated 4 years ago
- Digital Forensic Investigative Scripts ☆87 · Updated this week
- Documentation for DFIR ORC, an artefact collection tool dedicated to Microsoft Windows ☆12 · May 23, 2025 · Updated 9 months ago
- Dump LSASS memory using a reflective DLL ☆14 · Feb 4, 2022 · Updated 4 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings. ☆36 · Jun 1, 2023 · Updated 2 years ago
- Reverse_Shell implemented in C++ with the ability to bypass sandboxes ☆12 · Apr 2, 2021 · Updated 4 years ago