Stars
Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
Various tools, examples, and documentation for communicating with Hoymiles microinverters
A full description of how to set up Octoprint for the Prusa Mini
MDE relies on some of the Audit settings to be enabled
Visual-based analysis of file system metadata. The tool enables digital forensics of large volumes of data.
A small util to brute-force prefetch hashes
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Cuckoo3 is a Python 3 open source automated malware analysis system.
Cobalt Strike Beacon configuration extractor and parser.
A Python script to acquire multiple AWS EC2 instances in a forensically sound-ish way
Parse Chrome History and Downloads into TSV or TLN format
This cheatsheet is aimed at CTF players and beginners, to help them sort Hack The Box Labs on the basis of operating system and difficulty.
The application is a PoC that helps in identifying modern bankers, potentially malicious and remote controlling applications abusing Android AccessibilityService.
DFIRTrack - The Incident Response Tracking Application
Linux privilege escalation auditing tool
Browser Shortcuts for Cyber Security Related Online Services
Small and highly portable detection tests based on MITRE's ATT&CK.
Script to remove Windows 10 bloatware.
🍯 T-Pot - The All In One Multi Honeypot Platform 🐝
A GeoIP lookup utility utilizing ipinfo.io services.
A Network Packet Sniffing tool developed in Python 3.
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders