Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.
☆61Nov 18, 2021Updated 4 years ago
Alternatives and similar repositories for columbo
Users that are interested in columbo are comparing it to the libraries listed below
Sorting:
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- dankAlerts is powered by Sysmon and Memes. Would you notice if a suspicious process was recorded in the event log?☆18Jun 24, 2020Updated 5 years ago
- Privescker - make life easier by dumping all your common Windows enum, privesc and post exploitation scripts and tools on to the box in o…☆45Apr 4, 2022Updated 3 years ago
- All the useful tools interesting to be used☆24Sep 20, 2022Updated 3 years ago
- geolocate ip addresses in IIS logs☆20Jan 8, 2025Updated last year
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Oct 26, 2019Updated 6 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆46Dec 20, 2020Updated 5 years ago
- Repository for LNK stuff☆31Aug 31, 2022Updated 3 years ago
- Simple script to bulk check if IPs match networks☆11Jan 11, 2022Updated 4 years ago
- Standardizing Security Titles☆13Dec 31, 2025Updated 2 months ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Python Reverse Shell Builder with some advanced functionalities☆10Feb 16, 2021Updated 5 years ago
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.☆10Sep 28, 2020Updated 5 years ago
- A utility to force query DNS over DoH off of CloudFlare API when DNS block is in place☆10Aug 26, 2018Updated 7 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- A password list optimized for use on Android devices.☆11Jul 2, 2022Updated 3 years ago
- A small pentesting lab for Azure☆10Apr 19, 2019Updated 6 years ago
- A bunch of library code that can easily be included in new/prototype projects with few (usually zero) dependencies, even on themselves.☆12Jul 26, 2020Updated 5 years ago
- Jupyter Notebooks for Digital Forensics & Incident Response☆10Nov 23, 2021Updated 4 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…☆11Jun 19, 2025Updated 8 months ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆26Oct 27, 2019Updated 6 years ago
- Provides an overview of the inner file structure of a PDF☆24Sep 26, 2022Updated 3 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Sep 2, 2020Updated 5 years ago
- Blueteam operational triage registry hunting/forensic tool.☆149Sep 2, 2025Updated 6 months ago
- ☆12Jun 16, 2021Updated 4 years ago
- Word split utility☆13Jun 21, 2018Updated 7 years ago
- Kudzu is a Go C2 platform with an emphasis on extensibility.☆11Mar 30, 2021Updated 4 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆14Aug 15, 2022Updated 3 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database☆14Nov 19, 2021Updated 4 years ago
- A script used to query the dehashed API and filter for more useful results☆16Jun 20, 2021Updated 4 years ago
- DFF (Digital Forensics Framework)☆11Jan 6, 2021Updated 5 years ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications☆13Apr 20, 2018Updated 7 years ago
- Modelling files related to the journal article titled "Rapid development and deployment of high-volume vaccines for pandemic response" pu…☆14Jun 1, 2020Updated 5 years ago
- Trigger-only for CVE-2021-29627☆13Apr 12, 2021Updated 4 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆341Dec 3, 2025Updated 3 months ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 4 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆78Jan 9, 2024Updated 2 years ago