Stars
Simple (relatively) things allowing you to dig a bit deeper than usual.
ππ This is a ππ₯ REAL WORLDπ₯ π Malware Collection I have Compiled & analysed by researchersπ₯ to understand more about Malware threatsπ, analysis and mitigationπ§.
IDA plugin which queries language models to speed up reverse-engineering
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (paβ¦
Go CLI and Library for quickly mapping organization network ranges using ASN information.
π A delightful community-driven (with 2,400+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, pythonβ¦
An automatic unpacker and logger for DotNet Framework targeting files
A collection of MDE KQL hunting queries useful for incident response and threat hunting.
A suite of Tools to aid Incidence Response and Live Forensics for - Windows (Powershell) | Linux (Bash) | MacOS (Shell)
Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
Decompilation as a Service. Explore multiple decompilers and compare their output with minimal effort. Upload binary, get decompilation.
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Uβ¦
Hex diff viewer using alignment algorithms from biology
Collection of scripts / samples / snippits around the community service at www.filescan.io
The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifact validation processes as well as increase access to artifaβ¦
OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat and <UserCid>.dat.previous file.
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
Free hands-on digital forensics labs for students and faculty
ELF file viewer/editor for Windows, Linux and MacOS.
Collection of malware source code for a variety of platforms in an array of different programming languages.
Scan files or process memory for CobaltStrike beacons and parse their configuration
This repo covers some code execution and AV Evasion methods for Macros in Office documents