tedhardyMSFT / EventLogUtilities
Set of utilities for getting information about Windows Events
☆15Updated 6 years ago
Related projects: ⓘ
- Mass Triage Tools☆19Updated 2 months ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 6 years ago
- ☆22Updated this week
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Updated 2 years ago
- Scripts to help hunt for possible golden/silver TGT tickets☆16Updated 7 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆16Updated 4 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 8 years ago
- Presentation materials for talks I've given.☆20Updated 4 years ago
- LNK to JSON☆14Updated 5 years ago
- Trace ScriptBlock execution for powershell v2☆39Updated 4 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Updated 5 years ago
- Crack your macros like the math pros.☆33Updated 7 years ago
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…☆10Updated 6 years ago
- ☆12Updated this week
- Script to parse Process Monitor XML log file, and give you a summary report.☆23Updated 8 years ago
- Steezy - Ghetto Yara Generation☆15Updated last year
- RegRipper wrapper for simplified bulk parsing or registry hives☆10Updated 6 years ago
- Konrads' Pen-Ultimate (Windows) Log File Parser☆13Updated 2 years ago
- ☆17Updated this week
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Updated 8 years ago
- A GC link parser for both linkfiles and jumplists.☆18Updated 7 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Updated 5 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15Updated 5 years ago
- Windows registry samples☆23Updated 5 years ago
- ☆18Updated this week
- ☆12Updated this week
- onigiri - remote malware triage script☆24Updated 8 years ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Updated 5 years ago
- volatility-runner is a command line application designed to speed up memory forensics using the volatility framework, primarily for insta…☆11Updated 5 years ago