Small scripts and POCs related to digital forensics
☆18Nov 1, 2022Updated 3 years ago
Alternatives and similar repositories for scripts
Users that are interested in scripts are comparing it to the libraries listed below
Sorting:
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 6 years ago
- Git for me to put all my forensics stuff☆23Sep 2, 2025Updated 6 months ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 8 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications☆13Apr 20, 2018Updated 7 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49May 31, 2017Updated 8 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 4 years ago
- This is a powershell module to help implement the AD Tier Model☆15Feb 17, 2026Updated last month
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago
- An updated C# port of X-Ways X-Tensions API.☆11Mar 12, 2018Updated 8 years ago
- Python web app for previewing data in a Chrome Profile Folder☆24Jul 1, 2024Updated last year
- ☆18Oct 28, 2025Updated 4 months ago
- Binaries for the log2timeline projects and dependencies☆40Feb 8, 2026Updated last month
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 4 years ago
- Recover event log entries from an image by heurisitically looking for record structures.☆26Oct 9, 2015Updated 10 years ago
- Listen for usb devices and automatically submit all files on device to cuckoo☆13Apr 30, 2017Updated 8 years ago
- Python utilities related to plists☆55Oct 28, 2025Updated 4 months ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 10 years ago
- Get USB Devices from Registry hives☆22Nov 15, 2021Updated 4 years ago
- Fast multipattern regular expression searching for digital forensics☆18Jul 31, 2019Updated 6 years ago
- TV show scraper/renamer thingy☆12May 10, 2013Updated 12 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Jul 18, 2018Updated 7 years ago
- Yara Plugin for Binary Ninja☆13Feb 13, 2018Updated 8 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- Black Hat 2017 - Wi-Fi Direct to Hell☆13Dec 6, 2017Updated 8 years ago
- ☆17Jan 12, 2018Updated 8 years ago
- IDA2PAT_Reloaded for windows and mac osx☆13Sep 28, 2017Updated 8 years ago
- Discover USB device history for a specific user☆23Dec 28, 2015Updated 10 years ago
- OpenHIPS prevents exploitation of Windows systems☆35Jan 7, 2013Updated 13 years ago
- ☆28Apr 18, 2016Updated 9 years ago
- Library and tools to access the Windows Event Log (EVT) format☆60Dec 15, 2025Updated 3 months ago
- Tool to parse SRU database☆25Mar 1, 2018Updated 8 years ago
- API to access the Redis database of a BGP Ranking instance.☆17Dec 11, 2017Updated 8 years ago
- Crack base64(sha256(username)) hash from Microsoft Event ID 1029☆24Aug 4, 2023Updated 2 years ago