The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.
☆13Sep 9, 2020Updated 5 years ago
Alternatives and similar repositories for DFUR-Splunk-App
Users that are interested in DFUR-Splunk-App are comparing it to the libraries listed below
Sorting:
- ☆24Aug 30, 2019Updated 6 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Public exploits☆16May 28, 2018Updated 7 years ago
- ☆17Jan 21, 2026Updated last month
- Python bindings for https://github.com/omerbenamram/mft��☆23Dec 23, 2025Updated 2 months ago
- Linux-KVM with rVMI extensions☆22Aug 28, 2017Updated 8 years ago
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆19Jun 11, 2019Updated 6 years ago
- ☆50Aug 11, 2023Updated 2 years ago
- A few scripts I put together to send and receive data from an Azure Log Analytics workspace leveraging the Azure Monitor HTTP Data Collec…☆22May 22, 2023Updated 2 years ago
- Recover EXT filesystem info from carved directory blocks☆19Jun 23, 2017Updated 8 years ago
- Coming to a place near you.....☆25Jun 29, 2015Updated 10 years ago
- pure Python binary analysis framework☆23Oct 26, 2018Updated 7 years ago
- Bash Recon Scan - Recon and Scan a network using Bash☆30Jun 19, 2022Updated 3 years ago
- PyCommand Scripts for Immunity Debugger☆37Jun 21, 2014Updated 11 years ago
- Testing your Serverless projects with Jest the easy way!☆27Jan 3, 2023Updated 3 years ago
- AWS EKS Cluster Forensics☆23Aug 16, 2021Updated 4 years ago
- QEMU with rVMI extensions☆25Jul 25, 2017Updated 8 years ago
- Provides access to libhashcat☆31Apr 6, 2024Updated last year
- Resolves DLL API entrypoints for a process w/ remote query capabilities.☆58Jun 23, 2017Updated 8 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Jun 11, 2017Updated 8 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆36Jun 1, 2023Updated 2 years ago
- A comprehensive PowerShell-based threat hunting and incident response framework for Windows environments, built around Sysmon event analy…☆48Jul 17, 2025Updated 7 months ago
- Digital Forensic Investigative Scripts☆87Feb 6, 2026Updated 3 weeks ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Jul 11, 2023Updated 2 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆30Jun 11, 2024Updated last year
- ☆82Jul 5, 2016Updated 9 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆33May 25, 2024Updated last year
- MiniDump a process in memory with rust☆37Jun 20, 2021Updated 4 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆73Apr 14, 2017Updated 8 years ago
- general purpose and malware specific analysis tools☆101Oct 22, 2015Updated 10 years ago
- User Guide present in Trezor Suite☆12Jan 8, 2026Updated last month
- Azure Deployment Templates for Mandiant Managed Huning☆12Jun 1, 2023Updated 2 years ago
- A High-Frequency Market-Making bot for CoinCheck.jp☆10Oct 30, 2017Updated 8 years ago
- A huge base of icons coins (cryptocurrencies). 1887 icons from 16x16 to 128x28.☆12Apr 17, 2018Updated 7 years ago
- A collection of book recommendations by Martin Shkreli☆18Apr 3, 2024Updated last year
- Android app for tracking your locations and uploading them on your private server☆11Jul 1, 2017Updated 8 years ago
- DNS Enumeration and Reconnaissance Tool☆36Jan 19, 2016Updated 10 years ago
- ☆85Apr 10, 2023Updated 2 years ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago