Scripts to facilitate filtering with Plaso
☆128May 20, 2020Updated 5 years ago
Alternatives and similar repositories for plaso_filters
Users that are interested in plaso_filters are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆79Jan 9, 2024Updated 2 years ago
- Super timeline all the things☆2,039Feb 10, 2026Updated last month
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆120Oct 8, 2023Updated 2 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆33May 25, 2024Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Finds event logs between two time points. Useful for helpdesk/support/malware analysis.☆47Feb 26, 2019Updated 7 years ago
- A dedicated repo to interact with the API of Timesketch☆12Sep 17, 2021Updated 4 years ago
- Digital Forensics artifact repository☆1,219Feb 11, 2026Updated last month
- Tools from WFA 4/e, timeline tools, etc.☆145Feb 29, 2024Updated 2 years ago
- ☆311Aug 14, 2020Updated 5 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 7 years ago
- CyLR - Live Response Collection Tool☆718Jun 1, 2022Updated 3 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆36Feb 2, 2022Updated 4 years ago
- ☆12Jun 3, 2022Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆506Oct 21, 2022Updated 3 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- macOS forensic acquisition made simple☆239Mar 6, 2026Updated 3 weeks ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆209Sep 15, 2021Updated 4 years ago
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆89Aug 29, 2023Updated 2 years ago
- Reconstruct process trees from event logs☆147Aug 12, 2020Updated 5 years ago
- The Volatility Collaborative GUI☆265Feb 11, 2026Updated last month
- Documentation and scripts to properly enable Windows event logs.☆674Oct 3, 2025Updated 5 months ago
- Various tools and scripts☆43Nov 30, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Collaborative forensic timeline analysis☆3,296Updated this week
- A set of tools for collecting forensic information☆28Apr 4, 2020Updated 5 years ago
- This repository serves as a place for community created Targets and Modules for use with KAPE.☆827Mar 12, 2026Updated 2 weeks ago
- RDP Bitmap Cache parser☆640Jan 21, 2025Updated last year
- Carving tool based in Radare2 & Yara☆16Oct 30, 2018Updated 7 years ago
- ☆2,392Oct 14, 2023Updated 2 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- Merge all Yara rules from official Yara github repository in one .yar file☆31Jun 22, 2018Updated 7 years ago
- A framework for orchestrating forensic collection, processing and data export☆345Updated this week
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Git for me to put all my forensics stuff☆23Sep 2, 2025Updated 6 months ago
- Windows Events Attack Samples☆2,531Jan 24, 2023Updated 3 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆210Mar 12, 2025Updated last year
- A Powershell incident response framework☆1,642Nov 22, 2022Updated 3 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,141Oct 19, 2025Updated 5 months ago
- $MFT directory tree reconstruction & FILE record info☆326Oct 7, 2024Updated last year