strozfriedberg / lightgrep
Command-line utility for multipattern search using liblightgrep
★ 58 · Updated last month
Related projects:
- Digital Forensics Artifact Repository (forensicanalysis edition) · ★ 71 · Updated 7 months ago
- ★ 84 · Updated 4 months ago
- ★ 18 · Updated 2 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… · ★ 53 · Updated last year
- ★ 28 · Updated last year
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. · ★ 90 · Updated 11 months ago
- Collection of scripts provided for public use · ★ 28 · Updated last month
- Logbook for Digital Forensics and Incident Response · ★ 48 · Updated 2 months ago
- Python library for threat intelligence · ★ 78 · Updated 2 months ago
- Digital Forensics Artifacts Knowledge Base · ★ 71 · Updated 4 months ago
- Memory Baseliner is a script that can compare two Windows memory images or perform frequency of occurrence / data stacking analysis on mu… · ★ 47 · Updated last year
- Repository of public reference frameworks for the DFIR community. · ★ 105 · Updated last year
- Remote access and Antivirus Logging Database · ★ 39 · Updated 4 months ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems · ★ 71 · Updated 8 months ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. · ★ 38 · Updated 2 years ago
- Incident response teams usually work on offline data, collecting the evidence and then analyzing it · ★ 44 · Updated 2 years ago
- Documentation site for Velociraptor · ★ 35 · Updated this week
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images · ★ 76 · Updated last year
- Various PowerShell scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey! · ★ 42 · Updated 2 weeks ago
- An open source platform to support analysts to organise their case and tasks · ★ 49 · Updated 2 weeks ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma… · ★ 15 · Updated 2 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file · ★ 74 · Updated 3 weeks ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. · ★ 84 · Updated last year
- Documentation repository · ★ 42 · Updated 3 weeks ago
- Open source training materials for law-enforcement and organisations interested in DFIR. · ★ 55 · Updated 2 years ago
- BlackBerry Threat Research & Intelligence · ★ 90 · Updated 11 months ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… · ★ 69 · Updated last week
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements · ★ 113 · Updated 9 months ago
- A Windows registry file parser written in Rust · ★ 35 · Updated last year
- A dataset containing Office 365 Unified Audit Logs for security research and detection · ★ 41 · Updated 2 years ago