pinesol93 / MemoryForensicSamples
Links to various memory samples
☆24Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for MemoryForensicSamples
- Some important DFIR Resources☆82Updated last year
- ☆62Updated last year
- ☆56Updated 2 weeks ago
- Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection…☆16Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆67Updated last year
- Jupyter Notebooks for the Blue Team☆141Updated last year
- Windows Forensics Environment Builder☆110Updated last week
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆72Updated 2 years ago
- The Threat Actor Profile Guide for CTI Analysts☆96Updated last year
- Harness the power of Splunk for your investigations☆76Updated 2 weeks ago
- SIEM Cheat Sheet☆72Updated last year
- A hex viewer for the sleuths!☆16Updated last year
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- Incident Response documents and tooling☆62Updated last year
- Resources To Learn And Understand SIGMA Rules☆167Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆63Updated last year
- Windows Malware Investigation Scripts & Docs☆75Updated this week
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆36Updated 3 years ago
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportu…☆194Updated 6 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆75Updated 2 weeks ago
- Detection Engineering with YARA☆85Updated 10 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆116Updated 11 months ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆49Updated last year
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier.☆24Updated last year
- The scrip will help you to find some values info for the user that you need as DFIR☆15Updated 2 years ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆148Updated 5 months ago
- Chrome Logs Events and Protobuf Parser☆34Updated last year
- Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/☆14Updated last year
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆73Updated 3 weeks ago
- Repository of public reference frameworks for the DFIR community.☆108Updated last year