- Melbourne, Australia
- https://bitofhex.com
- @mattnotmax
Stars
Seatbelt is a C# project that performs a number of security-oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Identifies the bytes that Microsoft Defender flags on.
Hunts out CobaltStrike beacons and logs operator command output
Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows.
LogViewer for viewing and searching large text files...
A set of scripts that demonstrate how to perform memory injection in C#
.NET 4.0 Console App to browse VMDK / VHD images and extract files
Snifter is a raw socket IP packet capturing library/app for Windows, with a tiny CPU and memory footprint
Parses the WMI object database... looking for persistence
Scans through registry hives outputting entropy values for key/values, dumps binary contents to files... we are looking for those "fileless" malwarez!