ad-privileged-audit: Provides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-93.97%)
Ir Rescue: A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (-55.32%)
INDXRipper: Carve file metadata from NTFS index ($I30) attributes.
Stars: ✭ 32 (-95.4%)
RdpCacheStitcher: A tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Stars: ✭ 176 (-74.71%)
robot hacking manual: Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.
Stars: ✭ 169 (-75.72%)
EventTranscriptParser: Python-based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data).
Stars: ✭ 22 (-96.84%)
Linuxforensics: Everything related to Linux forensics.
Stars: ✭ 189 (-72.84%)
ThePhish: An automated phishing email analysis tool.
Stars: ✭ 676 (-2.87%)
hayabusa: Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+30.46%)
CCXDigger: The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high-profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (-93.53%)
Packrat: Live system forensic collector.
Stars: ✭ 16 (-97.7%)
GetConsoleHistoryAndOutput: An Incident Response tool to extract console command history and screen output buffer.
Stars: ✭ 41 (-94.11%)
MEAT: This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices.
Stars: ✭ 101 (-85.49%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection mind maps.
Stars: ✭ 224 (-67.82%)
Hindsight: Web browser forensics for Google Chrome/Chromium.
Stars: ✭ 589 (-15.37%)
uac: UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of artifacts from AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems.
Stars: ✭ 260 (-62.64%)
Turbinia: Automation and scaling of digital forensics tools.
Stars: ✭ 461 (-33.76%)
Blue-Team-Notes: You didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+29.17%)
haiti: 🔑 Hash type identifier (CLI & lib).
Stars: ✭ 287 (-58.76%)
PSTrace: Trace ScriptBlock execution for PowerShell v2.
Stars: ✭ 38 (-94.54%)
Diffy: A triage tool used during cloud-centric security incidents to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Stars: ✭ 555 (-20.26%)
smram parse: System Management RAM analysis tool.
Stars: ✭ 50 (-92.82%)
ForensicsTools: A list of free and open forensics analysis tools and other resources.
Stars: ✭ 392 (-43.68%)
Adtimeline: Timeline of Active Directory changes with replication metadata.
Stars: ✭ 252 (-63.79%)
DFIRTrack: The Incident Response Tracking Application.
Stars: ✭ 232 (-66.67%)
urlRecon: 📝 Info gathering / recon tool for URLs. Retrieves WHOIS information of the domain, DNS details of the domain, server fingerprint, and IP geolocation of the server.
Stars: ✭ 31 (-95.55%)
pyaff4: The Python implementation of the AFF4 standard.
Stars: ✭ 37 (-94.68%)
Userline: Query and report user logon relations from MS Windows Security Events.
Stars: ✭ 221 (-68.25%)
LevelDBDumper: Dumps all of the key/value pairs from a LevelDB database.
Stars: ✭ 23 (-96.7%)
catalyst: Catalyst is an open source SOAR system that helps automate alert handling and incident response processes.
Stars: ✭ 91 (-86.93%)
Cortex: A powerful observable analysis and active response engine.
Stars: ✭ 676 (-2.87%)
dnslog: Minimalistic DNS logging tool.
Stars: ✭ 40 (-94.25%)
CDIR (Cyber Defense Institute Incident Response) Collector: Live collection tool based on OSS tools and libraries.
Stars: ✭ 122 (-82.47%)
SuperLibrary: Information security library.
Stars: ✭ 60 (-91.38%)
DFIR-O365RC: PowerShell module for Office 365 and Azure log collection.
Stars: ✭ 158 (-77.3%)
Pypowershellxray: Python script to decode common encoded PowerShell scripts.
Stars: ✭ 192 (-72.41%)
toolset: Useful tools for CTF competitions.
Stars: ✭ 31 (-95.55%)
echoCTF.RED: A platform to develop, run and administer CTF competitions. The online echoCTF.RED platform user interfaces and codebase.
Stars: ✭ 33 (-95.26%)
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅 (ウェラ)
Stars: ✭ 442 (-36.49%)
CTF-Script-And-Template-Thrift-Shop: [180+ scripts] There are a few genuine gems in there. And a lot of spaghetti code. Most of these scripts were for solving CTFs. If you googled something for a CTF and landed here, look at the scripts; they're all fairly malleable. Sorry for the shitty naming conventions (not really). If you are a recruiter, stop. I won't be able to rewrite half thi…
Stars: ✭ 38 (-94.54%)
WiFi-Project: Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️
Stars: ✭ 22 (-96.84%)
artifactcollector: 🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system.
Stars: ✭ 140 (-79.89%)
Kuiper: Digital forensics investigation platform.
Stars: ✭ 257 (-63.07%)
Recuperabit: A tool for forensic file system reconstruction.
Stars: ✭ 280 (-59.77%)
CTF-Write-UP: Macau Cyber Security and Capture The Flag Association (澳門網絡安全暨奪旗競賽協會) MOCSCTF/MOCTF.
Stars: ✭ 27 (-96.12%)
mini-kali: Docker image for hacking.
Stars: ✭ 15 (-97.84%)
Thehive: TheHive, a scalable, open source and free Security Incident Response Platform.
Stars: ✭ 2,300 (+230.46%)
Thehivedocs: Documentation of TheHive.
Stars: ✭ 353 (-49.28%)
MemProcFS-Analyzer: Automated forensic analysis of Windows memory dumps for DFIR.
Stars: ✭ 89 (-87.21%)
ir scripts: Incident response scripts.
Stars: ✭ 17 (-97.56%)
Mac apt: macOS Artifact Parsing Tool.
Stars: ✭ 329 (-52.73%)
Swap digger: swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web form credentials, web form emails, HTTP basic authentication, Wi-Fi SSIDs and keys, etc.
Stars: ✭ 354 (-49.14%)