Tools and script for my remnux/sift installation
☆23Feb 21, 2026Updated 2 weeks ago
Alternatives and similar repositories for remnux-tools
Users that are interested in remnux-tools are comparing it to the libraries listed below
Sorting:
- Demonstrate the behavior of the tunnel cache on Windows☆11Aug 13, 2019Updated 6 years ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 4 months ago
- Small scripts and POCs related to digital forensics☆18Nov 1, 2022Updated 3 years ago
- Dockerfiles for containerized osquery☆14May 23, 2017Updated 8 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- Landing page for MAEC docs☆23Oct 22, 2022Updated 3 years ago
- ☆29May 4, 2016Updated 9 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- Automated library compilation and PDB annotation with CMake and IDA Pro☆21Sep 20, 2018Updated 7 years ago
- Script to parse Process Monitor XML log file, and give you a summary report.☆23May 4, 2016Updated 9 years ago
- ☆24Jan 12, 2026Updated last month
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 4 months ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Code for my blog post on using S2E for malware analysis☆25Jul 16, 2019Updated 6 years ago
- USN to JSON☆22Apr 4, 2020Updated 5 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆27Jun 3, 2018Updated 7 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆28Aug 6, 2025Updated 7 months ago
- ☆22Jul 7, 2017Updated 8 years ago
- ☆28Apr 18, 2016Updated 9 years ago
- Determine the running software version of a remote F5 BIG-IP management interface.☆69Jan 3, 2024Updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Jun 27, 2025Updated 8 months ago
- A better alternative to RunDLL32☆35Jun 11, 2019Updated 6 years ago
- MFT parser☆74Feb 2, 2025Updated last year
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- un sensor pour récupérer les informations des prochaines marées☆12Jan 27, 2026Updated last month
- ☆53Mar 12, 2021Updated 4 years ago
- Offline amnesic live Linux distribution☆14Mar 8, 2025Updated last year
- TAXII 2.0 Server implemented in Node JS with MongoDB backend☆12Jan 3, 2023Updated 3 years ago
- analysis of visual basic code☆47Mar 25, 2018Updated 7 years ago
- Smart DLL execution for malware analysis in sandbox systems☆144Feb 16, 2015Updated 11 years ago
- pollen - A command-line tool for interacting with TheHive☆36Jun 6, 2019Updated 6 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49May 31, 2017Updated 8 years ago
- An AI-CyberSecurity Bot that assists security analysts in incident investigations☆40Feb 21, 2025Updated last year
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago
- I2P Daemon written in Rust☆14Apr 7, 2017Updated 8 years ago
- ☆12Dec 14, 2016Updated 9 years ago
- A clone of FD (File & Directory tool) by T.Shirai☆16Jan 29, 2014Updated 12 years ago