woanware / ForensicUserInfo
Extracts Windows user info including the password hashes
☆38Updated 8 years ago
Related projects: ⓘ
- Tools for parsing Forensic images☆41Updated 5 years ago
- Various short scripts and tools used for Digital Forensics☆12Updated 4 months ago
- ☆29Updated 4 years ago
- Backstage Parser☆32Updated 2 years ago
- Python script to batch query the Tor Relays and Bridges☆36Updated 5 years ago
- A quick reference guide for python script development in DFIR☆14Updated 6 months ago
- Windows 10 Live Information viewer☆33Updated 2 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆39Updated 11 months ago
- volatility-runner is a command line application designed to speed up memory forensics using the volatility framework, primarily for insta…☆11Updated 5 years ago
- CyberChef update scripts in PowerShell & Bash☆16Updated 4 months ago
- Create an incident response triage toolkit for use with Windows or Linux.☆17Updated 4 years ago
- isodump - ISO dump utility☆38Updated 5 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Fast incident overview☆39Updated 7 years ago
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆27Updated 8 years ago
- Hashes of infamous malware☆24Updated last year
- GUI for regripper☆11Updated 5 years ago
- OG Atomic Red Team☆29Updated 6 years ago
- THOR MITRE ATT&CK Framework Coverage☆24Updated 4 years ago
- Generate a histogram of TCP and UDP payload bytes from a pcap file☆23Updated 2 years ago
- A DFVFS Backed Forensic Viewer☆38Updated 4 years ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆25Updated last year
- PowerShell Memory Pulling script☆19Updated 9 years ago
- Looks stuff up (MD5, SHA256, IP, Domains, URL's, strings e.g. mutexes)...☆36Updated 7 years ago
- A list of Autopsy awesome plugins.☆64Updated 2 years ago
- Script that checks for available updates for the most commonly used Digital Forensics tools☆57Updated 3 years ago
- Forensic Scanner☆40Updated 11 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆9Updated 3 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 5 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Updated 8 years ago