philippelyp / pe2json

Related projects: ⓘ

• forensicmatt / PancakeViewer
  A DFVFS Backed Forensic Viewer
  ☆38Updated 4 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆54Updated 3 years ago
• ExabeamLabs / Synopsis
  Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.
  ☆20Updated 5 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆34Updated 5 years ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 2 years ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• cocaman / analysis_scripts
  Collection of scripts used to analyse malware or emails
  ☆19Updated 3 years ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated 4 months ago
• jshlbrd / threat-hunting-pocket-guide
  pocket guide for core threat hunting concepts
  ☆23Updated 4 years ago
• randomaccess3 / 4n6_stuff
  Git for me to put all my forensics stuff
  ☆21Updated 3 weeks ago
• 3c7 / common-osint-model
  Converting data from services like Censys and Shodan to a common data model
  ☆48Updated last week
• redcanaryco / vscode-attack
  Visual Studio Code extension for MITRE ATT&CK
  ☆51Updated 2 months ago
• dwmetz / PSHero
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆35Updated last year
• net-protect / google-fs-recover
  Google Filestream Forensic Tool
  ☆16Updated 2 years ago
• forensicmatt / PyWindowsThingies
  Windows Thingies in Python for live use.
  ☆24Updated 5 years ago
• rj-chap / BaselineTraining
  Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk
  ☆12Updated 5 years ago
• Silv3rHorn / evtx2json
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆41Updated 3 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆51Updated 3 years ago
• mgreen27 / Invoke-BitsParser
  Sharing my BITS
  ☆12Updated 6 years ago
• aarju / Kibana_ForensicDashboards
  Dashboards for conducting forensic investigation using windows events in Kibana
  ☆17Updated 5 years ago
• airbus-cert / Splunk-ETW
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Updated 3 years ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆14Updated 3 years ago
• polylogyx / PolyMon
  ☆15Updated this week
• forensicanalysis / elementary
  🕵️ Process and show forensic artifacts (e.g. eventlogs, usb devices, network devices...) in forensicstores
  ☆46Updated 10 months ago
• dfirlabs / ntfs-specimens
  NTFS file system specimens
  ☆13Updated last year
• uforia / exitgather
  Tool for automatic list generation of known TOR and VPN exit nodes
  ☆29Updated 9 months ago
• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆21Updated 6 years ago
• jafarspalace / Crowdstrike-Falcon-Scripts
  Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation
  ☆21Updated last month
• ion-storm / emotet-malware-killer
  ☆38Updated 4 years ago