Python script for extracting USB information from Windows registry hives
Emulates the Sysinternals Autoruns tool, but for DFIR purposes, e.g. multi-user processing
Simplified evtx parser...entirely based on @EricRZimmerman's excellent work
LogViewer for viewing and searching large text files...
Send files simply using Google Drive...it's a cross between https://github.com/schollz/croc and https://github.com/google/skicka
A golang implementation to access Google Drive by using the traditional file-folder-path pattern.
Parses the WMI object database....looking for persistence
Prototype system to monitor BGP routes and alert when anomalies are identified
Performs normalised levenshtein distance calculations on log entries to reduce repeated data...
Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileless" malwarez!
Managed library for accessing the Windows security catalog files
Small and highly portable detection tests based on MITRE's ATT&CK.
Golang client for dynamically updating Cloudflare DNS records
Snort data viewer...
A working client implementation for AlienVault OTX API written in Golang!
Looks stuff up (MD5, SHA256, IP, Domains, URLs, strings e.g. mutexes)...
Command-line utility for working with Google Drive. Join the mailing list at https://groups.google.com/forum/#!forum/skicka-users.
Go package for indexing and querying certain aspects of BGP dumps and some other things.
A set of compiled application restriction bypasses
A rewrite in golang of my .NET csvvaluecounter tool. Basically it counts the number of a particular field in a text file or CSV file
Tool to extract domains/IPs from files
Tool for analysts to perform simultaneous lookups (IP, Domain, URL, MD5) against multiple data sources
Extracts Windows user info including the password hashes