Parses the WMI object database....looking for persistence
Simplified evtx parser...entirely based on @EricRZimmerman's excellent work
Python script for extracting USB information from Windows registry hives
Application for viewing/searching large text/log files (WPF port of the original LogViewer)
LogViewer for viewing and searching large text files...
Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing
volatility-runner is a command line application designed to speed up memory forensics using the volatility framework, primarily for instances where the user has multiple memory dumps to analyse.
Send files simply using Google Drive...it's a cross between https://github.com/schollz/croc and https://github.com/google/skicka
A golang implementation to access google drive by using traditional file-folder-path pattern.
Prototype system to monitor BGP routes and alert when anomalies are identified
Performs normalised Levenshtein distance calculations on log entries to reduce repeated data...
Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileless" malwarez!
Managed library for accessing the Windows security catalog files
Small and highly portable detection tests based on MITRE's ATT&CK.
Snort data viewer...
A working client implementation for AlienVault OTX API written in Golang!
Looks stuff up (MD5, SHA256, IP, Domains, URLs, strings e.g. mutexes)...
Command-line utility for working with Google Drive. Join the mailing list at https://groups.google.com/forum/#!forum/skicka-users.
Go package for indexing and querying certain aspects of BGP dumps and some other things.
A set of compiled application restriction bypasses
A rewrite in golang of my .NET csvvaluecounter tool. Basically it counts the number of occurrences of a particular field in a text file or CSV file
Tool to extract domains/IPs from files
Tool for analysts to perform simultaneous lookups (IP, Domain, URL, MD5) against multiple data sources
Extracts Windows user info including the password hashes