rjhansen / nsrllookupLinks
Checks with NSRL RDS servers looking for for hash matches
☆114Updated 4 years ago
Alternatives and similar repositories for nsrllookup
Users that are interested in nsrllookup are comparing it to the libraries listed below
Sorting:
- ☆83Updated 2 years ago
- stoQ Public Plugins☆71Updated 2 years ago
- Static analysis tools for Microsoft Office Open XML files and documents☆70Updated 7 years ago
- Python IOC Editor☆63Updated 10 years ago
- Example programs used in the automating DFIR series☆63Updated 6 years ago
- ☆82Updated 9 years ago
- A Windows Event Processing Utility☆47Updated 7 years ago
- Some IR notes☆73Updated 9 years ago
- openioc_scan Volatility Framework plugin☆43Updated 9 years ago
- Command line utility and Python package to ease the (un)mounting of forensic disk images☆124Updated 2 years ago
- Python tools for IOC (Indicator of Compromise) handling☆96Updated 3 years ago
- AuditParser☆60Updated 12 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆120Updated last year
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆110Updated 7 years ago
- CrowdStrike Feed Management System. CrowdFMS is a framework for automating collection and processing of samples from VirusTotal, by lever…☆128Updated 6 years ago
- Reconstruct process trees from event logs☆147Updated 5 years ago
- Community modules for FAME☆65Updated last week
- Volatility plugins created by the author☆44Updated 9 years ago
- MantaRay Automated Computer Forensic Triage Tool☆63Updated 6 years ago
- Yet another registry parser☆136Updated 3 years ago
- Python script for extracting USB information from Windows registry hives☆128Updated 6 years ago
- Hunting IOCs all day every day...☆86Updated last year
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Windows Live Artifacts Acquisition Script☆189Updated 3 years ago
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.☆97Updated 10 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- PowerShell No Agent Hunting☆109Updated 7 years ago
- Mass static malware analysis tool☆95Updated 3 years ago
- Various tools and scripts☆43Updated 2 years ago