woanware / ForensicUserInfo

Related projects: ⓘ

• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 5 years ago
• digitalsleuth / forensics_tools
  Various short scripts and tools used for Digital Forensics
  ☆12Updated 4 months ago
• Invoke-IR / PowerForensicsPortable
  ☆29Updated 4 years ago
• ArsenalRecon / BackstageParser
  Backstage Parser
  ☆32Updated 2 years ago
• mdegrazia / OnionPeeler
  Python script to batch query the Tor Relays and Bridges
  ☆36Updated 5 years ago
• chapinb / python-forensics-handbook
  A quick reference guide for python script development in DFIR
  ☆14Updated 6 months ago
• kacos2000 / Win10LiveInfo
  Windows 10 Live Information viewer
  ☆33Updated 2 years ago
• AbdulRhmanAlfaifi / Rhaegal
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆39Updated 11 months ago
• woanware / volatility-runner
  volatility-runner is a command line application designed to speed up memory forensics using the volatility framework, primarily for insta…
  ☆11Updated 5 years ago
• mattnotmax / update-cyberchef
  CyberChef update scripts in PowerShell & Bash
  ☆16Updated 4 months ago
• rshipp / ir-triage-toolkit
  Create an incident response triage toolkit for use with Windows or Linux.
  ☆17Updated 4 years ago
• evild3ad / isodump
  isodump - ISO dump utility
  ☆38Updated 5 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 3 years ago
• AlmCo / Panorama
  Fast incident overview
  ☆39Updated 7 years ago
• mgeeky / LISET
  Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…
  ☆27Updated 8 years ago
• BushidoUK / Malware-Zoo
  Hashes of infamous malware
  ☆24Updated last year
• randomaccess3 / regripper_gui
  GUI for regripper
  ☆11Updated 5 years ago
• MHaggis / bookish-happiness
  OG Atomic Red Team
  ☆29Updated 6 years ago
• NextronSystems / thor_attck
  THOR MITRE ATT&CK Framework Coverage
  ☆24Updated 4 years ago
• joswr1ght / pcaphistogram
  Generate a histogram of TCP and UDP payload bytes from a pcap file
  ☆23Updated 2 years ago
• forensicmatt / PancakeViewer
  A DFVFS Backed Forensic Viewer
  ☆38Updated 4 years ago
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆25Updated last year
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 9 years ago
• woanware / lookuper
  Looks stuff up (MD5, SHA256, IP, Domains, URL's, strings e.g. mutexes)...
  ☆36Updated 7 years ago
• CarlosLannister / awesome-autopsy-plugins
  A list of Autopsy awesome plugins.
  ☆64Updated 2 years ago
• jankais3r / Forensic-Version-Checker
  Script that checks for available updates for the most commonly used Digital Forensics tools
  ☆57Updated 3 years ago
• appliedsec / forensicscanner
  Forensic Scanner
  ☆40Updated 11 years ago
• trustedsec / RisingSun
  RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.
  ☆9Updated 3 years ago
• LDO-CERT / FireEye2TH
  FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆16Updated 5 years ago
• jschicht / MftCarver
  Carve $MFT records from a chunk of data (for instance a memory dump)
  ☆16Updated 8 years ago