Forensic Artifacts Collecting Toolkit
Updated
Jun 7, 2024 - Go
Sigma detection rules for hunting with the threathunting-keywords project
C# Library and research notes for Windows 11 Notepad State Files
Reverse Engineering the Tabstate files for Windows Notepad
Reverse Engineering the Windowstate files for Windows Notepad
Handbook of Windows forensic artifacts across multiple Windows versions, with interpretation tips and some examples. Work in progress!
📇 Digital Forensics Artifact Repository (forensicanalysis edition)
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
Analysis or research tools for digital forensics
Python script for outputting PCAPs as JSON as well as extracting attachments within the traffic stream