ydkhatri / Appx-Analysis
Scripts and tools created for appx analysis talk (Magnet summit 2019)
☆15Updated last year
Alternatives and similar repositories for Appx-Analysis:
Users that are interested in Appx-Analysis are comparing it to the libraries listed below
- NTFS file system specimens☆13Updated last year
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆13Updated 7 months ago
- Parser for Sdba memory pool tags☆17Updated 3 years ago
- ☆12Updated 3 years ago
- Miscellaneous Scripts☆17Updated 4 years ago
- macOS Artifact Intelligence Tool☆13Updated 5 years ago
- Windows 10 Live Information viewer☆36Updated 3 years ago
- Just Another broken Registry Parser (JARP)☆16Updated 9 months ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- Git for me to put all my forensics stuff☆21Updated 2 months ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Yara rules☆21Updated last year
- Steezy - Ghetto Yara Generation☆15Updated last year
- A DFVFS Backed Forensic Viewer☆40Updated 4 years ago
- ☆22Updated 4 years ago
- Plugins for the Viper Framework☆14Updated 5 years ago
- Parses the WMI object database....looking for persistence☆31Updated 5 years ago
- isodump - ISO dump utility☆40Updated 5 years ago
- ☆20Updated last week
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Updated 3 years ago
- Binaries for the log2timeline projects and dependencies☆39Updated 6 months ago
- http://moaistory.blogspot.com/2016/08/ie10analyzer.html☆16Updated 8 months ago
- volatility-runner is a command line application designed to speed up memory forensics using the volatility framework, primarily for insta…☆11Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆22Updated last year
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Updated 8 years ago
- ☆24Updated 2 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 7 years ago
- ☆9Updated 5 years ago