theflakes / fmd

Related projects ⓘ

Alternatives and complementary repositories for fmd

• ydkhatri / jarp
  Just Another broken Registry Parser (JARP)
  ☆16Updated 5 months ago
• woanware / etw-event-dumper
  ☆31Updated 2 years ago
• CyberCX-DFIR / usnjrnl_rewind
  USN Journal full path builder
  ☆36Updated 2 months ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆68Updated last year
• The-DFIR-Report / cyberchef-recipes
  ☆18Updated 2 years ago
• 00010111 / gMetaDataParse
  ☆19Updated last year
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆25Updated 2 years ago
• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated last year
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆56Updated last year
• stvemillertime / Cerebro
  Scripts and lists to help generate YARA friendly string mutations
  ☆19Updated last year
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated last month
• EricZimmerman / Sum
  ☆19Updated 2 months ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• strozfriedberg / notatin
  A Windows registry file parser written in Rust
  ☆36Updated last year
• nmantani / PS-TrustedDocuments
  PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office
  ☆34Updated last year
• EricZimmerman / TLEFilePlugins
  Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…
  ☆22Updated 2 weeks ago
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆49Updated 4 months ago
• AbdulRhmanAlfaifi / SDSParser-rs
  NTFS Security Descriptor Stream ($Secure:$SDS) parser
  ☆14Updated last year
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated last year
• AndrewRathbun / EventTranscript.db-Research
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆39Updated 2 years ago
• herosi / triage-collector
  ☆21Updated last month
• WiredPulse / Invoke-SRUMDump
  A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.
  ☆13Updated 3 years ago
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated last year
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆20Updated 2 months ago
• gajos112 / SRUM-Timeliner
  ☆10Updated last year
• ANSSI-FR / bits_parser
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆74Updated 4 months ago
• RandomRhythm / mal2csv
  Malformed Access Log to CSV - Convert Web Server Access Logs to CSV
  ☆15Updated 2 months ago
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆52Updated 6 months ago
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆52Updated 5 months ago
• ruppde / yara_rules
  Yara rules
  ☆20Updated last year