irCRpull is a PowerShell script that pulls several system artifacts from a live Win7+ system on your network using the free tool CrowdResponse.
☆14 · Mar 25, 2015 · Updated 11 years ago
Alternatives and similar repositories for irCRpull
Users that are interested in irCRpull are comparing it to the libraries listed below.
- PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM. ☆52 · Jan 25, 2018 · Updated 8 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own. ☆38 · Jan 8, 2023 · Updated 3 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later ☆20 · Feb 23, 2016 · Updated 10 years ago
- SIFT Bootstrap Script ☆145 · Jun 20, 2017 · Updated 8 years ago
- My personal experience in Threat Hunting and knowledge gained so far. ☆19 · May 27, 2017 · Updated 8 years ago
- Finds dynamic DNS (like no-ip.org) domains from a given list of domains ☆14 · Sep 17, 2015 · Updated 10 years ago
- PowerShell Script for Agentless Incident Response ☆25 · Apr 5, 2018 · Updated 7 years ago
- Why hunt when you can seine? ☆21 · May 12, 2015 · Updated 10 years ago
- ☆33 · Nov 21, 2024 · Updated last year
- Parses for Google Analytic values in raw files like RAM, DD images etc. ☆18 · Apr 17, 2016 · Updated 9 years ago
- Indexed search and clustering tool for digital forensics ☆26 · Nov 5, 2014 · Updated 11 years ago
- Maltego transforms for the ThreatCrowd search API ☆47 · Apr 11, 2018 · Updated 7 years ago
- Script to enable DNS Debug Logging across Domain Controllers in a Forest and then retrieve for analysis ☆14 · May 27, 2016 · Updated 9 years ago
- A non-math, but still technical, guide to cryptography ☆24 · Jul 24, 2020 · Updated 5 years ago
- Force-Directed Graph Generator for Volatility Outputs ☆26 · Mar 3, 2019 · Updated 7 years ago
- Tools to enumerate Windows Firewall Hook Drivers on Windows 2000, XP and 2003 ☆21 · Jan 19, 2015 · Updated 11 years ago
- \ PowerAvails Powershell / ☆10 · Jun 30, 2018 · Updated 7 years ago
- ircollect ☆31 · Aug 7, 2013 · Updated 12 years ago
- ☆14 · Feb 8, 2020 · Updated 6 years ago
- Multiple rules for yara-project to detect compiler/packer/protector ☆33 · Dec 24, 2019 · Updated 6 years ago
- list of useful commands, shells and notes related to OSCP ☆26 · Mar 15, 2018 · Updated 8 years ago
- Useful scripts, rules etc. for use with YARA ☆27 · Feb 12, 2021 · Updated 5 years ago
- I'm in your AWS account, edge bundling your security groups ☆14 · Nov 16, 2017 · Updated 8 years ago
- A packer utility to create and capture DFIR Image for use AWS & Azure ☆15 · Oct 18, 2019 · Updated 6 years ago
- geolocate ip addresses in IIS logs ☆20 · Jan 8, 2025 · Updated last year
- Use OpenDNS's investigate API to find newly observed domains which match a brand or string ☆17 · Jul 12, 2016 · Updated 9 years ago
- Proof of concept incident response demo using SSM and AWS Fargate. ☆14 · Dec 5, 2019 · Updated 6 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion ☆31 · Feb 20, 2024 · Updated 2 years ago
- My Year of Python Repository ☆28 · Jun 13, 2020 · Updated 5 years ago
- Maps process creation logged by Sysmon uses Google Org Chart API ☆23 · Mar 5, 2016 · Updated 10 years ago
- Locker Decrypter - Python tool to decrypt files encrypted by Locker malware ☆19 · Jun 8, 2015 · Updated 10 years ago
- ☆82 · Jul 5, 2016 · Updated 9 years ago
- Defence Against the Dark Arts ☆34 · Sep 15, 2019 · Updated 6 years ago
- A tool for checking a hash:pass pot file for hashes from a user:hash file ☆12 · Oct 23, 2016 · Updated 9 years ago
- Obtain AWS CLI credentials from web browser SSO in a popup window ☆12 · Jun 16, 2024 · Updated last year
- ☆37 · May 21, 2014 · Updated 11 years ago
- Disk Image Mounting Script ☆11 · Jan 22, 2026 · Updated 2 months ago
- ☆53 · May 21, 2018 · Updated 7 years ago
- Passive recon / OSINT automation script ☆39 · Nov 3, 2018 · Updated 7 years ago