☆24Aug 30, 2019Updated 6 years ago
Alternatives and similar repositories for win10_auto
Users that are interested in win10_auto are comparing it to the libraries listed below
Sorting:
- Rekall Memory Forensic Framework☆33Aug 5, 2019Updated 6 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.☆13Sep 9, 2020Updated 5 years ago
- ☆17Jan 21, 2026Updated last month
- ☆22Jan 31, 2023Updated 3 years ago
- pure Python binary analysis framework☆23Oct 26, 2018Updated 7 years ago
- Repository for LNK stuff☆31Aug 31, 2022Updated 3 years ago
- \ PowerAvails Powershell /☆10Jun 30, 2018Updated 7 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Simple x64dbg plugin to show registers on every step.☆16Jul 27, 2019Updated 6 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- Anything related to Ghidra☆12Apr 22, 2019Updated 6 years ago
- AWS EKS Cluster Forensics☆23Aug 16, 2021Updated 4 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- MircoSoft Detours 4.0.1,MIT License,Support X86,X64,ARM,IA64☆12Apr 23, 2018Updated 7 years ago
- Exploits I've authored☆60Aug 13, 2019Updated 6 years ago
- The future home for a library able to parse in memory lot of complex structures from common shared libs and syscalls☆15Apr 4, 2023Updated 2 years ago
- ☆11Mar 12, 2021Updated 4 years ago
- 请叫我跳跳虎☆32Dec 21, 2020Updated 5 years ago
- Bro PCAP Processing and Tagging API☆28Nov 9, 2017Updated 8 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆78Jan 9, 2024Updated 2 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆36Jun 1, 2023Updated 2 years ago
- Binary analysis. Capstone+Keystone+Unicorn = static and dynamic binary analysis☆12Oct 11, 2019Updated 6 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Jul 16, 2019Updated 6 years ago
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- Rolling Timeline for Incident Recorder.☆14Dec 4, 2023Updated 2 years ago
- A debugger / emulator for Ghidra☆14Oct 30, 2019Updated 6 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- CryptoWall 3.0 Ransomware Reversing Documentation & Scripts☆17Nov 24, 2020Updated 5 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆14Mar 4, 2019Updated 6 years ago
- ☆12Jun 3, 2022Updated 3 years ago
- ghidra scripts☆15Feb 5, 2021Updated 5 years ago
- LNK to JSON☆14Mar 7, 2019Updated 6 years ago
- Ruby bindings for the yara file analysis and classification library☆27Aug 26, 2011Updated 14 years ago
- A Python parser for Rich Headers☆15Jun 2, 2015Updated 10 years ago
- An opensource API hooking framework☆22Jan 3, 2020Updated 6 years ago