Windows digital forensics and incident response scripts
☆16Oct 30, 2018Updated 7 years ago
Alternatives and similar repositories for forensics
Users that are interested in forensics are comparing it to the libraries listed below
Sorting:
- Defender Resource Hub☆30Feb 23, 2026Updated last week
- Some dfir stuff☆31Jan 12, 2022Updated 4 years ago
- Knowledge space for some computerforensic stuff☆14Aug 15, 2014Updated 11 years ago
- Lazy SPL to detect Spring4Shell exploitation☆12Jul 8, 2022Updated 3 years ago
- Packet Analysis on Steroids☆13Oct 20, 2022Updated 3 years ago
- Splunk Searches and Dashboards for DNS Threat Hunting☆10Mar 5, 2018Updated 8 years ago
- AWS Live Response☆11Sep 19, 2017Updated 8 years ago
- Microsoft Defender for Cloud attack simulation toolkit☆26Dec 24, 2024Updated last year
- Powershell module for Microsoft Cloud App Security (MCAS)☆10Mar 19, 2021Updated 4 years ago
- ☆13Dec 14, 2021Updated 4 years ago
- ☆11Dec 9, 2025Updated 2 months ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Save as PDF addon for Firefox and Google Chrome☆15Jun 12, 2025Updated 8 months ago
- Automating simple report creating of threat intelligence using ChatGPT and Greynoise API.☆10Oct 3, 2023Updated 2 years ago
- ☆10Aug 31, 2017Updated 8 years ago
- ☆11Nov 8, 2023Updated 2 years ago
- Anteater is Reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigure…☆13Jun 12, 2024Updated last year
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- A package that get baseball data☆13Feb 24, 2025Updated last year
- Python script to run battery of Volatility plugins against a forensic memory image☆10Jun 22, 2019Updated 6 years ago
- GUI for regripper☆11Mar 19, 2019Updated 6 years ago
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆16Feb 11, 2026Updated 3 weeks ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…☆10Jul 15, 2023Updated 2 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…☆11Jun 19, 2025Updated 8 months ago
- Volatility plugin to search for all Autostart Extensibility Points (AESPs)☆10May 16, 2024Updated last year
- LLM supported Toolkit for Blue Team/ SOC Operations☆46Jan 10, 2026Updated last month
- Jupyter Notebooks for Digital Forensics & Incident Response☆10Nov 23, 2021Updated 4 years ago
- ☆10Jan 22, 2025Updated last year
- Training materials I've written.☆11Nov 11, 2025Updated 3 months ago
- My Linux profiles built for Volatility 2/3☆10Oct 11, 2025Updated 4 months ago
- 🐧 Security-focused Linux distribution with 140+ tools, custom kernel 6.17.13, AI assistant | 5 editions | Cloud, AI/ML, Automotive, Hard…☆29Feb 27, 2026Updated last week
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…☆19May 20, 2025Updated 9 months ago
- A tool to automate memory dump processing using Volatility, including optional Splunk integration.☆12Jul 29, 2020Updated 5 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆14Aug 15, 2022Updated 3 years ago
- This app is used to poll and alert if a new Home appears in daft.☆11Dec 9, 2022Updated 3 years ago
- /ˈhäjˌpäj/ "a confused mixture."☆13Feb 26, 2026Updated last week
- A graph-based deep learning tool that can recognizes the kernel objects from raw memory dumps.☆14Jul 6, 2019Updated 6 years ago
- A modern approach to password rotation for the local administrator account on Windows 10 workstations utilizing Microsoft Endpoint Config…☆11May 5, 2020Updated 5 years ago