PSTrace: Trace ScriptBlock execution for powershell v2
Stars: ✭ 38 (+2.7%)
Adtimeline: Timeline of Active Directory changes with replication metadata
Stars: ✭ 252 (+581.08%)
MemProcFS-Analyzer: MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
Stars: ✭ 89 (+140.54%)
Amt Forensics: Retrieve Intel AMT's Audit Log from a Linux machine without knowing the admin user's password.
Stars: ✭ 37 (+0%)
qed: The scalable, auditable and high-performance tamper-evident log project
Stars: ✭ 87 (+135.14%)
Firefed: 🕵️ A tool for Firefox profile analysis, data extraction, forensics and hardening
Stars: ✭ 37 (+0%)
Radare2: UNIX-like reverse engineering framework and command-line toolset
Stars: ✭ 15,412 (+41554.05%)
WELA: WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Stars: ✭ 442 (+1094.59%)
TryHackMe-Write-Up: The entire walkthrough of all my resolved TryHackMe rooms
Stars: ✭ 53 (+43.24%)
Fatcat: FAT filesystems explore, extract, repair, and forensic tool
Stars: ✭ 201 (+443.24%)
pdfresurrect: Analyze and help extract older "hidden" versions of a pdf from the current pdf.
Stars: ✭ 40 (+8.11%)
Pypowershellxray: Python script to decode common encoded PowerShell scripts
Stars: ✭ 192 (+418.92%)
SuperLibrary: Information Security Library
Stars: ✭ 60 (+62.16%)
Remote Desktop Caching: This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow Red Team members to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team members can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidence and perform further analysis.
Stars: ✭ 171 (+362.16%)
sandfly-setup: Sandfly Security Agentless Compromise and Intrusion Detection System For Linux
Stars: ✭ 45 (+21.62%)
Tr1pd: tamper resistant audit log
Stars: ✭ 13 (-64.86%)
RemoteNET: Examine, create and interact with remote objects in other .NET processes.
Stars: ✭ 29 (-21.62%)
Kaudit: Alcide Kubernetes Audit Log Analyzer - Alcide kAudit
Stars: ✭ 23 (-37.84%)
Mba: Malware Behavior Analyzer
Stars: ✭ 125 (+237.84%)
EventTranscriptParser: Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
Stars: ✭ 22 (-40.54%)
Hibr2bin: Comae Hibernation File Decompressor
Stars: ✭ 116 (+213.51%)
harvest: Tool to sort large collections of files according to common typologies
Stars: ✭ 32 (-13.51%)
Awesome Hacking: Awesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+4770.27%)
Information Security Tasks: This repository is created only for infosec professionals who work on a day to day basis to equip ourselves with an up-to-date skillset. We can contribute one hour daily for day to day tasks and work on problem statements daily. Please contribute by providing problem statements and solutions.
Stars: ✭ 108 (+191.89%)
AppmemDumper: Forensics triage tool relying on Volatility and Foremost
Stars: ✭ 22 (-40.54%)
Artifacts Kit: Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
Stars: ✭ 99 (+167.57%)
robot hacking manual: Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.
Stars: ✭ 169 (+356.76%)
Pentesting toolkit: 🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+3327.03%)
GetConsoleHistoryAndOutput: An Incident Response tool to extract console command history and screen output buffer
Stars: ✭ 41 (+10.81%)
ingest-file: Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.
Stars: ✭ 40 (+8.11%)
Mr: Mobile Revelator
Stars: ✭ 69 (+86.49%)
urlRecon: 📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
Stars: ✭ 31 (-16.22%)
Icpr2020dfdc: Video Face Manipulation Detection Through Ensemble of CNNs
Stars: ✭ 64 (+72.97%)
Red-Rabbit-V4: The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit, unlike most frameworks out there, does not automate other people's tools like the aircrack suite or the wifite framework; it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow.
Stars: ✭ 123 (+232.43%)
Dfw1n Osint: Australian Open Source Intelligence Gathering Resources, Australia's Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
Stars: ✭ 63 (+70.27%)
Pcapxray: ❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
Stars: ✭ 1,096 (+2862.16%)
uac: UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
Stars: ✭ 260 (+602.7%)
Plaso: Super timeline all the things
Stars: ✭ 1,055 (+2751.35%)
Usbrip: Tracking history of USB events on GNU/Linux
Stars: ✭ 903 (+2340.54%)
smram parse: System Management RAM analysis tool
Stars: ✭ 50 (+35.14%)
yara-forensics: Set of Yara rules for finding files using magic headers
Stars: ✭ 115 (+210.81%)
LogESP: Open Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+337.84%)
Diffy: Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Stars: ✭ 555 (+1400%)
Pcapfs: A FUSE module to mount captured network data
Stars: ✭ 17 (-54.05%)
flare-wmi: No description or website provided.
Stars: ✭ 399 (+978.38%)
Gensum: Powerful checksum generator!
Stars: ✭ 12 (-67.57%)
Hindsight: Web browser forensics for Google Chrome/Chromium
Stars: ✭ 589 (+1491.89%)
UnifiedLogReader: A parser for Unified logging tracev3 files
Stars: ✭ 56 (+51.35%)
Operative Framework: operative framework is an OSINT investigation framework; you can interact with multiple targets, execute multiple modules, create links with targets, export reports to PDF files, add notes to targets or results, interact with a RESTful API, and write your own modules.
Stars: ✭ 511 (+1281.08%)
teleparser: Telegram cache4.db parser
Stars: ✭ 52 (+40.54%)
CTF-Script-And-Template-Thrift-Shop: [180+ scripts] There are a few genuine gems in there. And a lot of spaghetti code. Most of these scripts were for solving CTFs. If you googled something for a CTF and landed here, look at the scripts; they're all fairly malleable. Sorry for the shitty naming conventions (not really). If you are a recruiter, stop. I won't be able to rewrite half thi…
Stars: ✭ 38 (+2.7%)
LevelDBDumper: Dumps all of the Key/Value pairs from a LevelDB database
Stars: ✭ 23 (-37.84%)
toolset: Useful tools for CTF competitions
Stars: ✭ 31 (-16.22%)