Small scripts and POCs related to digital forensics
☆18Nov 1, 2022Updated 3 years ago
Alternatives and similar repositories for scripts
Users that are interested in scripts are comparing it to the libraries listed below
Sorting:
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- Git for me to put all my forensics stuff☆23Sep 2, 2025Updated 5 months ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 6 years ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- An updated C# port of X-Ways X-Tensions API.☆11Mar 12, 2018Updated 7 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications☆13Apr 20, 2018Updated 7 years ago
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- TV show scraper/renamer thingy☆12May 10, 2013Updated 12 years ago
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 8 years ago
- Listen for usb devices and automatically submit all files on device to cuckoo☆13Apr 30, 2017Updated 8 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49May 31, 2017Updated 8 years ago
- Fast multipattern regular expression searching for digital forensics☆18Jul 31, 2019Updated 6 years ago
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- Get USB Devices from Registry hives☆22Nov 15, 2021Updated 4 years ago
- Python web app for previewing data in a Chrome Profile Folder☆23Jul 1, 2024Updated last year
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 3 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Jul 18, 2018Updated 7 years ago
- Fix acquired .evt - Windows Event Log files (Forensics)☆18Mar 29, 2016Updated 9 years ago
- A generic security incident response playbook investigating and responding to potential compromises of Okta's internal systems, in the co…☆20Mar 24, 2022Updated 3 years ago
- Recover event log entries from an image by heurisitically looking for record structures.☆26Oct 9, 2015Updated 10 years ago
- Library to handle the files in zff format (file format to store and handle forensic acquisitions).☆21Feb 9, 2026Updated 2 weeks ago
- Parse Manifest.mbdb files from iTunes backup directories☆20Jun 29, 2017Updated 8 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Python utilities related to plists☆54Oct 28, 2025Updated 3 months ago
- Crack base64(sha256(username)) hash from Microsoft Event ID 1029☆23Aug 4, 2023Updated 2 years ago
- Tools and script for my remnux/sift installation☆23Feb 21, 2026Updated last week
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 4 years ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 10 years ago
- Discover USB device history for a specific user☆23Dec 28, 2015Updated 10 years ago
- Windows Event Log Knowledge Base☆31Dec 23, 2025Updated 2 months ago
- Tool to parse SRU database☆25Mar 1, 2018Updated 7 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Apr 24, 2018Updated 7 years ago
- Assorted classes and methods for indexing reports and retrieving information from an elastic index☆21Jul 5, 2016Updated 9 years ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago