AbdulRhmanAlfaifi
Digital Forensics & Incident Responder, Malware Reverse Engineer. I develop tools in #Rust & #Python to help the #DFIR community.
Riyadh
Pinned Repositories
CryptnetURLCacheParser
CryptnetURLCacheParser is a tool to parse CryptAPI cache files
CryptnetURLCacheParser-rs
A Rust parser for CryptnetURLCache metadata files.
EventLogMonitor
EventLogMonitor hooks into Windows Event Logs and displays new events as they are written to the log.
Fennec
Artifact collection tool for *nix systems
lnk_parser
lnk_parser is a full Rust implementation for parsing Windows LNK files.
notepad_parser
A Rust parser for the Notepad TabState artifact.
osqueryIR
osqueryIR is an artifact collection tool for Linux systems.
Rhaegal
Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious entries. Rhaegal uses a custom rule format to detect suspicious/malicious log entries.
SDSParser-rs
NTFS Security Descriptor Stream ($Secure:$SDS) parser
winparsingtools
A collection of structs and utilities for parsing Windows binary formats.
AbdulRhmanAlfaifi's Repositories
AbdulRhmanAlfaifi/Fennec
Artifact collection tool for *nix systems
AbdulRhmanAlfaifi/Rhaegal
Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious entries. Rhaegal uses a custom rule format to detect suspicious/malicious log entries.
AbdulRhmanAlfaifi/CryptnetURLCacheParser
CryptnetURLCacheParser is a tool to parse CryptAPI cache files
AbdulRhmanAlfaifi/lnk_parser
lnk_parser is a full Rust implementation for parsing Windows LNK files.
AbdulRhmanAlfaifi/SDSParser-rs
NTFS Security Descriptor Stream ($Secure:$SDS) parser
AbdulRhmanAlfaifi/EventLogMonitor
EventLogMonitor hooks into Windows Event Logs and displays new events as they are written to the log.
AbdulRhmanAlfaifi/winparsingtools
A collection of structs and utilities for parsing Windows binary formats.
AbdulRhmanAlfaifi/osqueryIR
osqueryIR is an artifact collection tool for Linux systems.
AbdulRhmanAlfaifi/osquery-rs
This crate allows you to execute osquery SQL queries using the osquery Thrift API.
AbdulRhmanAlfaifi/CryptnetURLCacheParser-rs
A Rust parser for CryptnetURLCache metadata files.
AbdulRhmanAlfaifi/notepad_parser
A Rust parser for the Notepad TabState artifact.
AbdulRhmanAlfaifi/SDSParser-py
NTFS Security Descriptor Stream ($Secure:$SDS) parser, Python bindings for https://github.com/AbdulRhmanAlfaifi/SDSParser-rs
AbdulRhmanAlfaifi/RecycleBinParser-rs
Parser for Recycle Bin $I files
AbdulRhmanAlfaifi/CommentRetriever
A Python script to extract comments from any webpage.
AbdulRhmanAlfaifi/GetDocsWithMacros
A Python script that takes a path as input, then recursively searches for Office files that contain macros.
AbdulRhmanAlfaifi/libtsk-rs
Wrapper for The Sleuth Kit (TSK) bindings.
AbdulRhmanAlfaifi/Kuiper
Digital Forensics Investigation Platform
AbdulRhmanAlfaifi/Loki
Loki - Simple IOC and Incident Response Scanner
AbdulRhmanAlfaifi/morsecoder
Command-line tool to encode a message as Morse code and decode Morse code back to plaintext.
AbdulRhmanAlfaifi/cve-2020-0688
cve-2020-0688
AbdulRhmanAlfaifi/pyevtx-rs
Python bindings for https://github.com/omerbenamram/evtx/
AbdulRhmanAlfaifi/shields
Concise, consistent, and legible badges in SVG and raster format
AbdulRhmanAlfaifi/winstructs
Parsers for common structures across windows formats.
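Several of the repositories above parse a Windows binary artifact; the Recycle Bin $I metadata file is the smallest of those formats and makes a good illustration of what such a parser has to handle. The following is an added example, written in Python for this page rather than taken from RecycleBinParser-rs or any other repository listed above. It assumes the publicly documented $I layout: a 64-bit little-endian version (1 on Vista/7/8, 2 on Windows 10 and later), a 64-bit original file size, a 64-bit FILETIME deletion timestamp, and then the original path, stored either as a fixed 520-byte null-padded UTF-16LE field (version 1) or as a 32-bit character count (including the terminating null) followed by a null-terminated UTF-16LE string (version 2). The sample files are constructed in the block itself; the function names are my own.

```python
import struct
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Fixed-size path field used by version 1 $I files: 260 UTF-16 code units.
V1_PATH_BYTES = 520


@dataclass
class RecycleBinEntry:
    version: int
    original_size: int
    deleted_at: datetime
    original_path: str


def filetime_to_datetime(ft: int) -> datetime:
    """Convert a Windows FILETIME (100 ns ticks since 1601-01-01 UTC) to a datetime."""
    return datetime(1601, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=ft // 10)


def parse_i_file(data: bytes) -> RecycleBinEntry:
    """Parse one $I file, handling both the Vista/7/8 (v1) and Windows 10+ (v2) layouts.

    Every length is checked before slicing so a truncated or hostile file raises a
    ValueError instead of silently producing a short or empty path.
    """
    if len(data) < 24:
        raise ValueError("too short for an $I header (need 24 bytes)")
    version, size, ft = struct.unpack_from("<QQQ", data, 0)

    if version == 1:
        if len(data) < 24 + V1_PATH_BYTES:
            raise ValueError("version 1 $I file must be 544 bytes")
        raw = data[24:24 + V1_PATH_BYTES]
        # Fixed field is null padded; keep everything before the first NUL.
        path = raw.decode("utf-16-le").split("\x00", 1)[0]
    elif version == 2:
        if len(data) < 28:
            raise ValueError("truncated version 2 header")
        (nchars,) = struct.unpack_from("<I", data, 24)
        raw = data[28:28 + nchars * 2]
        if len(raw) != nchars * 2:
            raise ValueError("path field shorter than the declared character count")
        path = raw.decode("utf-16-le").rstrip("\x00")
    else:
        raise ValueError(f"unknown $I version {version}")

    return RecycleBinEntry(version, size, filetime_to_datetime(ft), path)


def build_i_file(version: int, path: str, size: int, ft: int) -> bytes:
    """Construct a synthetic $I file for testing (the inverse of parse_i_file)."""
    header = struct.pack("<QQQ", version, size, ft)
    encoded = path.encode("utf-16-le")
    if version == 1:
        return header + encoded.ljust(V1_PATH_BYTES, b"\x00")
    nchars = len(path) + 1  # count includes the terminating NUL
    return header + struct.pack("<I", nchars) + encoded + b"\x00\x00"


# Constructed samples: deletion time is 2021-01-01T00:00:00Z as a FILETIME.
SAMPLE_FILETIME = 132539328000000000
SAMPLE_V2 = build_i_file(2, r"C:\Users\alice\Documents\secret.docx", 4096, SAMPLE_FILETIME)
SAMPLE_V1 = build_i_file(1, r"C:\Temp\old.log", 1024, SAMPLE_FILETIME)


if __name__ == "__main__":
    for blob in (SAMPLE_V1, SAMPLE_V2):
        e = parse_i_file(blob)
        print(f"v{e.version} {e.deleted_at.isoformat()} {e.original_size:>8} {e.original_path}")
```

When run against real files, pair each $I entry with its $R counterpart (same suffix after the `$I`/`$R` prefix) to recover the content; the $I file only records the original path, size and deletion time.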