PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office
☆37Mar 15, 2023Updated 3 years ago
Alternatives and similar repositories for PS-TrustedDocuments
Users that are interested in PS-TrustedDocuments are comparing it to the libraries listed below
Sorting:
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- Conceptual Methods for Finding Commonalities in Macho Files☆12Mar 21, 2024Updated 2 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser☆45Mar 13, 2026Updated last week
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 3 years ago
- A C# based tool for analysing malicious OneNote documents☆117Apr 4, 2023Updated 2 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- A library to parse macOS FsEvents☆24Aug 28, 2022Updated 3 years ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more☆30Mar 10, 2026Updated last week
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆38Jun 12, 2024Updated last year
- ☆20Jul 19, 2021Updated 4 years ago
- ☆17Sep 29, 2023Updated 2 years ago
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated last month
- Project to Support The Hunter's Framework (THF)☆11Apr 16, 2024Updated last year
- ☆33Feb 26, 2022Updated 4 years ago
- ESXi Cyber Security Incident Response Script☆25Sep 4, 2024Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.��☆16Aug 19, 2025Updated 7 months ago
- Windows.EDB Browser☆60Mar 6, 2023Updated 3 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Dec 20, 2019Updated 6 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged��☆89Jul 7, 2022Updated 3 years ago
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- Generate HTTPS reports based on scan data☆15Feb 18, 2026Updated last month
- $MFT directory tree reconstruction & FILE record info☆325Oct 7, 2024Updated last year
- A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…☆20Aug 29, 2022Updated 3 years ago
- Semantic strings based on tree-sitter☆17Feb 19, 2025Updated last year
- ☆15Nov 25, 2021Updated 4 years ago
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- Common framework for designing a detection and response framework for the most common MFT solutions☆16Aug 4, 2023Updated 2 years ago
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Jul 5, 2021Updated 4 years ago
- Python script to parse Keytab files for macOS or *nix (typically /etc/krb5.keytab)☆41Jun 19, 2019Updated 6 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Jan 18, 2023Updated 3 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆64Dec 18, 2024Updated last year
- ☆22Mar 4, 2025Updated last year
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 3 years ago
- Random experiments and shenanigans☆13Dec 6, 2025Updated 3 months ago
- General malware analysis stuff☆37Aug 26, 2024Updated last year
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Nov 13, 2022Updated 3 years ago
- create a "simulated internet" cyber range environment☆19Jan 28, 2026Updated last month
- C# Desktop GUI application that either performs YARA scan locally or prepares the scan in Active Directory domain environment with a few …☆36Dec 1, 2021Updated 4 years ago