Stars
A tool to automatically decode and translate any TCP hexa payload data form any language to english.
Collection of walkthroughs on various threat hunting techniques
Utility for parsing Bro log files into CSV or JSON format
Reconnaissance-Framework , a framework providing beginners to play with various recon-related tools.
AgileGrabber is a multi cored and multi threaded port scanner made with python and nmap to make scanning faster.
Nmap script that scans for probable vulnerabilities based on services discovered in open ports.
Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to automated phishing domain investigations. However it can be used …
PowerShell Digital Forensics & Incident Response Scripts.
Herramienta enfocada al Networking, para auditorias o bien para gastar bromas en nuestra Red Wifi o a otras Redes Wifi. [NO ME HAGO RESPONSABLE DEL MAL USO DE ESTA HERRAMIENTA]
The best tools and resources for forensic analysis.
Scripts and code referenced in CrowdStrike blog posts
PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
PowerShell module for creating and managing Sysinternals Sysmon config files.
A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
This is a little plugin to copy disassembly in a way that is usable in YARA rules!
Automagically extract forensic timeline from volatile memory dump
Rapidly Search and Hunt through Windows Forensic Artefacts
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
$MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
Parse nmap scan data with Perl (official repo)
A curated list of tools for incident response