Stars
Stand-alone parser for User Access Logging from Server 2012 and newer systems
A PowerShell incident response script for quick triage
Forensics artefact collection tool for systems running Microsoft Windows
Repository of YARA rules made by Trellix ATR Team
Query and report user logons relations from MS Windows Security Events
Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Notes for taking the OSCP in 2097. Read in book form on GitBook
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Python script for extracting USB information from Windows registry hives
Python script to auto-build linux volatility profiles
Django web interface for managing Yara rules
A collection of Red Team focused tools, scripts, and notes
💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
Collection of things made during my OSCP journey
PowerForensics provides an all in one platform for live disk forensic analysis
⭐️ A curated list of awesome forensic analysis tools and resources
🚀 PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and se…