A Python-based tool to extract forensic info from ActivitiesCache.db (Windows Activity Timeline)
A Python-based tool to extract data from the MEGAsync Windows application database file and generate a CSV of all the files that are present on MEGA cloud.
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
Linux security with three different distributions (Rocky Linux, Ubuntu and openSUSE)!
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
TeleTracker is a simple set of Python scripts designed for anyone investigating Telegram channels. It helps you send messages quickly and gather useful channel information easily.
A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
An uroboros program with 100+ programming languages
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (pa…
Documentation and scripts to properly enable Windows event logs.
Practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
PowerForensics provides an all in one platform for live disk forensic analysis
A toolset to make a system look as if it was the victim of an APT attack
A GeoIP lookup utility utilizing ipinfo.io services.
Remote access and Antivirus Logging Database
eXtremely Minimal Hugo theme: about 140 lines of code in total, including HTML and CSS (with no dependencies)
Contains compiled binaries of Volatility
Please no pull requests for this repository. Thanks!
Quickly find differences and similarities in disassembled code
Regexplore is a Volatility plugin designed to mimic the functionality of the Registry Explorer plugins in EZsuite
DFIQ is a collection of investigative questions and the approaches for answering them
PowerShell script to aid incident response and live forensics | Bash script for macOS live forensics and incident response
FileSigExtractor is a Python-based tool which extracts the file signatures of all files within a directory and writes the output to a CSV file