philippelyp / pe2json
(☆15, updated this week)

Related projects:
- A DFVFS Backed Forensic Viewer (☆38, updated 4 years ago)
- A collection of typical false positive indicators (☆54, updated 3 years ago)
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level "synopsis" of key information. (☆20, updated 5 years ago)
- pollen - A command-line tool for interacting with TheHive (☆34, updated 5 years ago)
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response. (☆38, updated 2 years ago)
- Expert Investigation Guides (☆50, updated 3 years ago)
- MasterParser is a simple, all-in-one, digital forensics artifact parser (☆23, updated 3 years ago)
- Collection of scripts used to analyse malware or emails (☆19, updated 3 years ago)
- CSIRT Jump Bag (☆26, updated 4 months ago)
- Pocket guide for core threat hunting concepts (☆23, updated 4 years ago)
- Git for me to put all my forensics stuff (☆21, updated 3 weeks ago)
- Converting data from services like Censys and Shodan to a common data model (☆48, updated last week)
- Visual Studio Code extension for MITRE ATT&CK (☆51, updated 2 months ago)
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. (☆35, updated last year)
- Google Filestream Forensic Tool (☆16, updated 2 years ago)
- Windows Thingies in Python for live use. (☆24, updated 5 years ago)
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk (☆12, updated 5 years ago)
- evtx2json extracts events of interest from event logs, dedups them, and exports them to JSON. (☆41, updated 3 years ago)
- Threat intelligence and threat detection indicators (IOC, IOA) (☆51, updated 3 years ago)
- Sharing my BITS (☆12, updated 6 years ago)
- Dashboards for conducting forensic investigation using Windows events in Kibana (☆17, updated 5 years ago)
- A Splunk Technology Add-on to forward filtered ETW events. (☆30, updated 3 years ago)
- CyCAT.org taxonomies (☆14, updated 3 years ago)
- 🕵️ Process and show forensic artifacts (e.g. event logs, USB devices, network devices...) in forensicstores (☆46, updated 10 months ago)
- NTFS file system specimens (☆13, updated last year)
- Tool for automatic list generation of known TOR and VPN exit nodes (☆29, updated 9 months ago)
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. (☆21, updated 6 years ago)
- PowerShell scripts to work on CrowdStrike Falcon that pull back raw data relevant to forensic investigation (☆21, updated last month)