DFIR
Project based on RegRipper, to extract additional value/pivot points from TLN events file
Browser forensics tool for Google Chrome (and other Chromium-based browsers)
Research on Chrome stored databases - dumping all URLs
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…
Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
Tool and framework for securely reading untrusted USB mass storage devices.
Frontend to explore the internals of a PDF document with Origami
Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of U…
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
A repository to share publicly available Velociraptor detection content
Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.
Tools and Techniques for Blue Team / Incident Response
CTF styled Digital Forensics labs, as offered in FAST NUCES Karachi during Spring 2023.
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Rapidly Search and Hunt through Windows Forensic Artefacts
Threat hunting queries for Microsoft 365 Defender and XDR. Provides out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
Steganography & PNG - Hide information inside PNG images