theflakes / fmdLinks
Windows file metadata / forensic tool.
☆18Updated this week
Alternatives and similar repositories for fmd
Users that are interested in fmd are comparing it to the libraries listed below
Sorting:
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 2 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Yara rules☆22Updated 2 years ago
- Just Another broken Registry Parser (JARP)☆16Updated last year
- YARA rule analyzer to improve rule quality and performance☆102Updated 4 months ago
- ☆19Updated 7 months ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆65Updated 2 years ago
- ☆34Updated 2 years ago
- ☆19Updated 3 years ago
- Publicly shareable windows event log message data☆27Updated 5 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆41Updated 3 years ago
- ☆35Updated 9 months ago
- ☆21Updated 4 months ago
- ShellSweeping the evil.☆53Updated last year
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 3 years ago
- Powershell sandboxing utility☆19Updated last week
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆113Updated 3 years ago
- Extract BITS jobs from QMGR queue and store them as CSV records☆75Updated 5 months ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆75Updated last year
- Quick ESXi Log Parser☆24Updated this week
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- Scripts and lists to help generate YARA friendly string mutations☆21Updated 2 years ago
- ☆14Updated 2 years ago
- Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centra…☆36Updated 3 years ago
- JPCERT/CC public YARA rules repository☆110Updated 8 months ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆17Updated 11 months ago
- ☆88Updated last week
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆34Updated 3 years ago