INDXRipper - Carve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32
CDIR - CDIR (Cyber Defense Institute Incident Response) Collector, a live collection tool built on OSS tools and libraries
Stars: ✭ 122
MEAT - This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101
uac - UAC is a Live Response collection script for Incident Response that uses native binaries and tools to automate artifact collection from AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems
Stars: ✭ 260
RdpCacheStitcher - RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps
Stars: ✭ 176
MindMaps - #ThreatHunting #DFIR #Malware #Detection mind maps
Stars: ✭ 224
bits parser - Extract BITS jobs from the QMGR queue and store them as CSV records
Stars: ✭ 64
Pypowershellxray - Python script to decode common encoded PowerShell scripts
Stars: ✭ 192
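The "common encodings" that tools like Pypowershellxray peel are usually the same two: a `-EncodedCommand` argument (base64 of a UTF-16LE string) wrapping a loader that feeds a second base64 literal through `FromBase64String()` and, often, a Gzip or Deflate stream. The following is an added example written for this page, not Pypowershellxray's own code; the regexes, the `analyze()` chain and the sample command line built by `build_sample_cmdline()` are this example's own assumptions about the typical shape of such one-liners, and the sample is constructed so the script runs offline.

```python
"""Peel the layers of a typical encoded PowerShell command line.

Added example, not code from Pypowershellxray. The sample command line is
constructed here (build_sample_cmdline) so the script runs offline.
"""
import base64
import gzip
import re
import zlib
from typing import List, Optional

# -EncodedCommand and its abbreviations take base64 of a UTF-16LE string.
ENC_FLAG_RE = re.compile(
    r"-(?:encodedcommand|enc|ec|e)\s+([A-Za-z0-9+/=]{16,})", re.IGNORECASE
)
# Inner loaders usually carry their payload as a base64 string literal.
B64_CALL_RE = re.compile(
    r"FromBase64String\(\s*['\"]([A-Za-z0-9+/=]+)['\"]\s*\)", re.IGNORECASE
)


def decode_encoded_command(cmdline: str) -> Optional[str]:
    """Return the script behind -EncodedCommand, or None if the flag is absent."""
    m = ENC_FLAG_RE.search(cmdline)
    if not m:
        return None
    return base64.b64decode(m.group(1)).decode("utf-16-le")


def decompress_layer(data: bytes) -> bytes:
    """Undo GzipStream / DeflateStream wrapping; return data unchanged otherwise."""
    if data[:2] == b"\x1f\x8b":                 # gzip magic bytes
        return gzip.decompress(data)
    try:                                        # raw deflate carries no header
        return zlib.decompress(data, -15)
    except zlib.error:
        return data


def bytes_to_text(raw: bytes) -> str:
    """ASCII text in UTF-16LE has a NUL at odd offsets; otherwise assume UTF-8."""
    if len(raw) >= 2 and raw[1] == 0:
        return raw.decode("utf-16-le", errors="replace")
    return raw.decode("utf-8", errors="replace")


def decode_layers(script: str, max_depth: int = 5) -> List[str]:
    """Follow FromBase64String() payloads inward; index 0 is the input, -1 the innermost."""
    layers = [script]
    for _ in range(max_depth):
        m = B64_CALL_RE.search(layers[-1])
        if not m:
            break
        layers.append(bytes_to_text(decompress_layer(base64.b64decode(m.group(1)))))
    return layers


def analyze(cmdline: str) -> List[str]:
    """Full chain: -EncodedCommand first, then nested base64/compression stages."""
    outer = decode_encoded_command(cmdline)
    return decode_layers(cmdline if outer is None else outer)


def build_sample_cmdline() -> str:
    """Constructed sample: gzip+base64 stage-2 inside a UTF-16LE -enc wrapper."""
    inner = "Write-Host 'stage2'"
    gz_b64 = base64.b64encode(gzip.compress(inner.encode())).decode()
    loader = (
        "IEX (New-Object IO.StreamReader(New-Object IO.Compression.GzipStream("
        "[IO.MemoryStream][Convert]::FromBase64String('" + gz_b64 + "'),"
        "[IO.Compression.CompressionMode]::Decompress))).ReadToEnd()"
    )
    enc = base64.b64encode(loader.encode("utf-16-le")).decode()
    return "powershell.exe -NoP -W Hidden -enc " + enc


if __name__ == "__main__":
    for depth, layer in enumerate(analyze(build_sample_cmdline())):
        print(f"--- layer {depth} ---\n{layer}")
```

`max_depth` is a guard against staged loaders that re-encode themselves; real samples also use `-split`/`-join` character tricks and string reversal that this decoder does not attempt, so treat the innermost layer it returns as the next thing to read, not as proof that decoding is finished.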
Information Security Tasks - A repository for infosec professionals who work day to day and want to keep their skill set up to date: contribute one hour a day to practical tasks and problem statements; please contribute problem statements and solutions
Stars: ✭ 108
CCXDigger - The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free
Stars: ✭ 45
PSTrace - Trace ScriptBlock execution for PowerShell v2
Stars: ✭ 38
Packrat - Live system forensic collector
Stars: ✭ 16
ir scripts - Incident response scripts
Stars: ✭ 17
Ir Rescue - A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response
Stars: ✭ 311
Bramble - Bramble is an open source hacking suite
Stars: ✭ 60
Threathunt - ThreatHunt is a PowerShell repository that lets you train your threat hunting skills
Stars: ✭ 92
Plaso - Super timeline all the things
Stars: ✭ 1,055
Scripting - PS / Bash / Python / other scripts, for fun
Stars: ✭ 47
Awesome - A curated list of awesome things related to TheHive & Cortex
Stars: ✭ 88
Historicprocesstree - An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688, Process Creation) in a tree view
Stars: ✭ 46
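Event ID 4688 records the new process ID, its image path and the creator process ID, which is all a tree needs, with one trap: Windows reuses PIDs, so a child must be linked to the most recent process that held the creator PID at the time, not to whichever process first had that number. The following is an added example written for this page, not Historicprocesstree's own code; it assumes 4688 records already parsed into dicts keyed by the event's own data field names (`NewProcessId`, `NewProcessName`, `ProcessId` for the creator PID, `SubjectUserName`, `TimeCreated`) and the sample events are constructed, including one deliberate PID reuse. 4688 only exists when "Audit Process Creation" is enabled in the audit policy.

```python
"""Rebuild a historic process tree from Security Event ID 4688 records.

Added example, not Historicprocesstree's own code. The records below are
constructed dicts using the 4688 EventData field names; in the real event,
"ProcessId" is the creator (parent) PID and "NewProcessId" the child PID.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass
class Proc:
    pid: int
    name: str
    user: str
    time: str
    children: List["Proc"] = field(default_factory=list)


# Constructed sample. PID 0x7d0 is first cmd.exe, then reused by notepad.exe;
# calc.exe (created after the reuse) must hang under notepad.exe, not cmd.exe.
SAMPLE_4688 = [
    {"TimeCreated": "2024-01-10T09:00:01", "NewProcessId": "0x1a4",
     "NewProcessName": r"C:\Windows\explorer.exe", "ProcessId": "0x120",
     "SubjectUserName": "alice"},
    {"TimeCreated": "2024-01-10T09:00:05", "NewProcessId": "0x3e8",
     "NewProcessName": r"C:\Program Files\Microsoft Office\WINWORD.EXE",
     "ProcessId": "0x1a4", "SubjectUserName": "alice"},
    {"TimeCreated": "2024-01-10T09:01:10", "NewProcessId": "0x7d0",
     "NewProcessName": r"C:\Windows\System32\cmd.exe", "ProcessId": "0x3e8",
     "SubjectUserName": "alice"},
    {"TimeCreated": "2024-01-10T09:01:12", "NewProcessId": "0x9c4",
     "NewProcessName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ProcessId": "0x7d0", "SubjectUserName": "alice"},
    {"TimeCreated": "2024-01-10T10:30:00", "NewProcessId": "0x7d0",
     "NewProcessName": r"C:\Windows\System32\notepad.exe", "ProcessId": "0x1a4",
     "SubjectUserName": "alice"},
    {"TimeCreated": "2024-01-10T10:30:05", "NewProcessId": "0xbb8",
     "NewProcessName": r"C:\Windows\System32\calc.exe", "ProcessId": "0x7d0",
     "SubjectUserName": "alice"},
]


def build_tree(events: List[dict]) -> List[Proc]:
    """Link each 4688 event to the latest process seen with the creator PID.

    Events are walked in time order and the map holds the *most recent*
    process per PID, so a reused PID attaches later children to the new
    process rather than to the exited one that once had the same number.
    """
    live: Dict[int, Proc] = {}
    roots: List[Proc] = []
    for ev in sorted(events, key=lambda e: e["TimeCreated"]):
        proc = Proc(int(ev["NewProcessId"], 16), ev["NewProcessName"],
                    ev.get("SubjectUserName", "?"), ev["TimeCreated"])
        parent = live.get(int(ev["ProcessId"], 16))
        (parent.children if parent else roots).append(proc)
        live[proc.pid] = proc
    return roots


def flatten(roots: List[Proc]) -> List[Tuple[int, str]]:
    """Depth-first (depth, image basename) pairs, children in creation order."""
    out: List[Tuple[int, str]] = []

    def walk(p: Proc, depth: int) -> None:
        out.append((depth, p.name.rsplit("\\", 1)[-1]))
        for child in p.children:
            walk(child, depth + 1)

    for root in roots:
        walk(root, 0)
    return out


def render(roots: List[Proc]) -> str:
    """Indented text tree, two spaces per level."""
    return "\n".join("  " * depth + name for depth, name in flatten(roots))


if __name__ == "__main__":
    print(render(build_tree(SAMPLE_4688)))
```

Processes whose creator was never logged (started before auditing was enabled, or whose 4688 rolled out of the log) surface as extra roots rather than being dropped, which is usually the right behaviour during triage: an orphan `powershell.exe` root is itself a finding.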
Ios Triage - Incident response tool for iOS devices
Stars: ✭ 42
Amt Forensics - Retrieve Intel AMT's Audit Log from a Linux machine without knowing the admin user's password
Stars: ✭ 37
Beagle - Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs
Stars: ✭ 976
Dfw1n Osint - Australian Open Source Intelligence Gathering Resources: Australia's largest open source intelligence repository for cyber professionals and ethical hackers
Stars: ✭ 63
Artifacts Kit - Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS
Stars: ✭ 99
Pcapxray - ❄️ PcapXray: a network forensics tool to visualize a packet capture offline as a network diagram, including device identification, highlighting of important communication and file extraction
Stars: ✭ 1,096
Hibr2bin - Comae Hibernation File Decompressor
Stars: ✭ 116
Autotimeliner - Automagically extract a forensic timeline from a volatile memory dump
Stars: ✭ 54
Gohacktools - Hacker tools in Go (Golang)
Stars: ✭ 1,303
Mthc - All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134
C Aff4 - An AFF4 C++ implementation
Stars: ✭ 126
Oletools - oletools: Python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging
Stars: ✭ 1,848
Tr1pd - Tamper resistant audit log
Stars: ✭ 13
Mftecmd - Parses $MFT from NTFS file systems
Stars: ✭ 45
Pentesting toolkit - 🏴☠️ Tools for pentesting, CTFs & wargames 🏴☠️
Stars: ✭ 1,268
Analyst Casefile - Maltego CaseFile entities for information security investigations, malware analysis and incident response
Stars: ✭ 41
Awesome Hacking - Awesome Hacking is a curated collection of hacking tools
Stars: ✭ 1,802
Firefed - 🕵️ A tool for Firefox profile analysis, data extraction, forensics and hardening
Stars: ✭ 37
Response - Monzo's real-time incident response and reporting tool ⚡️
Stars: ✭ 1,252
Pcapfs - A FUSE module to mount captured network data
Stars: ✭ 17
Thehive4py - Python API client for TheHive
Stars: ✭ 143
Gensum - Powerful checksum generator
Stars: ✭ 12
Tcpflow - TCP/IP packet demultiplexer. Download from:
Stars: ✭ 1,231
Wazuh Chef - Wazuh Chef cookbooks
Stars: ✭ 9
Yara Endpoint - Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures
Stars: ✭ 75
Kaudit - Alcide Kubernetes Audit Log Analyzer (Alcide kAudit)
Stars: ✭ 23
Cortex4py - Python API client for Cortex
Stars: ✭ 22
Autopsy - Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card
Stars: ✭ 1,183
Usbrip - Tracking history of USB events on GNU/Linux
Stars: ✭ 903
Awesome Sre - A curated list of Site Reliability and Production Engineering resources
Stars: ✭ 7,687
Mba - Malware Behavior Analyzer
Stars: ✭ 125
Patrowldocs - PatrOwl: open source, free and scalable Security Operations Orchestration Platform
Stars: ✭ 105
Ioc Explorer - Explore Indicators of Compromise automatically
Stars: ✭ 73
Memlabs - Educational, CTF-styled labs for individuals interested in memory forensics
Stars: ✭ 696
Bashfuscator - A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team
Stars: ✭ 690