GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.
☆196Aug 12, 2024Updated last year
Alternatives and similar repositories for GeoLogonalyzer
Users that are interested in GeoLogonalyzer are comparing it to the libraries listed below
Sorting:
- ☆53May 21, 2018Updated 7 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- Network detector for Winnti malware☆21Mar 6, 2018Updated 8 years ago
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.☆13Sep 9, 2020Updated 5 years ago
- Site for IWS book content☆17Oct 28, 2018Updated 7 years ago
- Automated Memory Forensic☆34Jul 18, 2018Updated 7 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- misc scripts☆35Oct 23, 2018Updated 7 years ago
- Automated forensics written in PowerShell☆34Sep 29, 2019Updated 6 years ago
- IR-Tools - PowerShell tools for IR☆130Jul 10, 2017Updated 8 years ago
- Carve NTFS USN records from binary data☆27May 21, 2017Updated 8 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- ☆432May 3, 2023Updated 2 years ago
- ☆398Updated this week
- Scripts and code referenced in CrowdStrike blog posts☆339Nov 13, 2019Updated 6 years ago
- Network Forensics Workshop Files☆17Apr 21, 2015Updated 10 years ago
- A Yara rule generator for finding related samples and hunting☆162Sep 11, 2022Updated 3 years ago
- Bro PCAP Processing and Tagging API☆28Nov 9, 2017Updated 8 years ago
- pure Python binary analysis framework☆23Oct 26, 2018Updated 7 years ago
- ☆280Apr 6, 2023Updated 2 years ago
- ☆82Jul 5, 2016Updated 9 years ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago
- Online hash checker for Virustotal and other services☆846Mar 21, 2025Updated last year
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- Office365 Log Analysis Framework☆81Jun 6, 2019Updated 6 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆430Dec 22, 2023Updated 2 years ago
- Tools from WFA 4/e, timeline tools, etc.☆145Feb 29, 2024Updated 2 years ago
- ☆310Aug 14, 2020Updated 5 years ago
- Basic log analysis tool to detect impossible travel via IP address geographic information☆20Apr 29, 2019Updated 6 years ago
- The User Interface for GoCrack☆88Mar 11, 2026Updated last week
- SubShell is a python command shell used to control and execute commands through HTTP requests to a webshell. SubShell acts as the interfa…☆75Nov 6, 2016Updated 9 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- VSCode extension for the YARA pattern matching language☆63Jan 10, 2024Updated 2 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆209Sep 15, 2021Updated 4 years ago
- incident response scripts☆18Mar 4, 2019Updated 7 years ago
- PowerShell version of Fail2Ban☆13Oct 10, 2019Updated 6 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆107Apr 3, 2020Updated 5 years ago