nccgroup / MetadataPlus
A tool to use novel locations to extract metadata from Office documents.
☆62Updated last year
Alternatives and similar repositories for MetadataPlus:
Users that are interested in MetadataPlus are comparing it to the libraries listed below
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated 5 months ago
- Linux Baseline and Forensic Triage Tool - BETA☆55Updated 2 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆51Updated 4 months ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 2 months ago
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.☆61Updated 9 months ago
- Yara Rules for Modern Malware☆77Updated last year
- Reads and prints information from the website MalAPI.io☆38Updated 3 years ago
- ☆33Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Updated last year
- Quick ESXi Log Parser☆19Updated 3 months ago
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆23Updated last month
- A C# based tool for analysing malicious OneNote documents☆113Updated 2 years ago
- Data breaches, Leaks, Malwares Forums List <Please Use Vpn/TOR don't click on Link directly bad OPSEC>☆48Updated last month
- Contains compiled binaries of Volatility☆33Updated 3 months ago
- ☆21Updated 2 months ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- ☆80Updated 5 months ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- Detection rule validation☆41Updated last year
- Reads and prints information from the website MalAPI.io☆19Updated 2 years ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 2 years ago
- ☆24Updated 2 years ago
- This repository contains the code and PCAPS used for the SANS webinar, "Hacking Proprietary Protocols" given on February 23, 2021.☆34Updated 3 years ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆16Updated 2 months ago
- ☆32Updated 2 years ago
- A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea…☆89Updated 9 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆51Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 11 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago