uac: UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris system artifacts.
Stars: ✭ 260 (+372.73%)
hayabusa: Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+1550.91%)
Fatcat: FAT filesystem explore, extract, repair and forensic tool
Stars: ✭ 201 (+265.45%)
Pypowershellxray: Python script to decode common encoded PowerShell scripts
Stars: ✭ 192 (+249.09%)
harvest: Tool to sort large collections of files according to common typologies
Stars: ✭ 32 (-41.82%)
btrfscue: Recover files from damaged BTRFS filesystems
Stars: ✭ 28 (-49.09%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+20%)
Diffy: Diffy is a triage tool used during cloud-centric security incidents to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Stars: ✭ 555 (+909.09%)
Remote Desktop Caching: This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow Red Team members to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team members can reconstruct the PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host, collect evidence and perform further analysis.
Stars: ✭ 171 (+210.91%)
MEAT: This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+83.64%)
Siem: SIEM Tactics, Techniques, and Procedures
Stars: ✭ 157 (+185.45%)
Vol3xp: Volatility Explorer Suite
Stars: ✭ 31 (-43.64%)
Sleuthkit: The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools, and the command line tools can be used directly to find evidence.
Stars: ✭ 1,948 (+3441.82%)
BadIntent: Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 316 (+474.55%)
Mba: Malware Behavior Analyzer
Stars: ✭ 125 (+127.27%)
yara-forensics: Set of YARA rules for finding files using magic headers
Stars: ✭ 115 (+109.09%)
Hibr2bin: Comae Hibernation File Decompressor
Stars: ✭ 116 (+110.91%)
GetConsoleHistoryAndOutput: An Incident Response tool to extract console command history and the screen output buffer
Stars: ✭ 41 (-25.45%)
Awesome Hacking: Awesome Hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+3176.36%)
Information Security Tasks: This repository is created only for infosec professionals who work on a day-to-day basis, to equip ourselves with an up-to-date skillset. We can each contribute one hour daily to day-to-day tasks and work on problem statements. Please contribute by providing problem statements and solutions.
Stars: ✭ 108 (+96.36%)
RdpCacheStitcher: RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Stars: ✭ 176 (+220%)
Artifacts Kit: Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
Stars: ✭ 99 (+80%)
apkutil: A useful utility for Android app security testing
Stars: ✭ 52 (-5.45%)
Pentesting toolkit: 🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+2205.45%)
BlockHashLoc: Recover files using lists of block hashes, bypassing the file system entirely
Stars: ✭ 45 (-18.18%)
Tcpflow: TCP/IP packet demultiplexer. Download from:
Stars: ✭ 1,231 (+2138.18%)
sqbrite: SQBrite is a data recovery tool for SQLite databases
Stars: ✭ 27 (-50.91%)
Mr: Mobile Revelator
Stars: ✭ 69 (+25.45%)
qed: The scalable, auditable and high-performance tamper-evident log project
Stars: ✭ 87 (+58.18%)
Icpr2020dfdc: Video Face Manipulation Detection Through Ensemble of CNNs
Stars: ✭ 64 (+16.36%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+307.27%)
Dfw1n Osint: Australian Open Source Intelligence Gathering Resources, Australia's Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
Stars: ✭ 63 (+14.55%)
Pcapxray: ❄️ PcapXray - A Network Forensics Tool - To visualize a packet capture offline as a network diagram, including device identification, highlighting of important communication, and file extraction
Stars: ✭ 1,096 (+1892.73%)
Plaso: Super timeline all the things
Stars: ✭ 1,055 (+1818.18%)
Amt Forensics: Retrieve Intel AMT's Audit Log from a Linux machine without knowing the admin user's password.
Stars: ✭ 37 (-32.73%)
dnslog: Minimalistic DNS logging tool
Stars: ✭ 40 (-27.27%)
Pcapfs: A FUSE module to mount captured network data
Stars: ✭ 17 (-69.09%)
LogESP: Open Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+194.55%)
Gensum: Powerful checksum generator!
Stars: ✭ 12 (-78.18%)
DFIR-O365RC: PowerShell module for Office 365 and Azure log collection
Stars: ✭ 158 (+187.27%)
Usbrip: Tracking history of USB events on GNU/Linux
Stars: ✭ 903 (+1541.82%)
Hindsight: Web browser forensics for Google Chrome/Chromium
Stars: ✭ 589 (+970.91%)
MantOS: LIFARS Networking Security GNU/Linux distro
Stars: ✭ 24 (-56.36%)
Operative Framework: operative framework is an OSINT investigation framework; you can interact with multiple targets, execute multiple modules, create links between targets, export reports to PDF, add notes to targets or results, interact with a RESTful API, and write your own modules.
Stars: ✭ 511 (+829.09%)
mobilehacktools: A repository for scripting a mobile attack toolchain
Stars: ✭ 61 (+10.91%)
Seqbox: A single file container/archive that can be reconstructed even after total loss of file system structures
Stars: ✭ 480 (+772.73%)
Turbinia: Automation and Scaling of Digital Forensics Tools
Stars: ✭ 461 (+738.18%)
ingest-file: Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.
Stars: ✭ 40 (-27.27%)
fingerprintjs-android: Swiss army knife for identifying and fingerprinting Android devices.
Stars: ✭ 336 (+510.91%)
DFIR Resources REvil Kaseya: Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack
Stars: ✭ 172 (+212.73%)
Awesome Forensics: Awesome Forensics Resources. Almost 300 open source forensics tools, and 600 blog posts about forensics.
Stars: ✭ 446 (+710.91%)
Gosint: OSINT Swiss Army Knife
Stars: ✭ 401 (+629.09%)
TryHackMe-Write-Up: The entire walkthrough of all my resolved TryHackMe rooms
Stars: ✭ 53 (-3.64%)