Pinned Repositories
acquire
acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
dfir-lab
Native-code
non-root-docker-images
webhacking
Zawadidone's Repositories
Zawadidone/artifacts
Digital Forensics Artifact Repository
Zawadidone/dfir-lab
Zawadidone/acquire
acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
Zawadidone/avml
AVML - Acquire Volatile Memory for Linux
Zawadidone/CarbonBlackCloud-Extractor
Carbon Black Cloud Events extractor
Zawadidone/DFIRArtifactMuseum
The goal of this repo is to archive artifacts from all versions of various OS's and categorize them by type. This will help with artifact validation processes as well as increase access to artifacts that may no longer be readily available.
Zawadidone/dissect-docs
Dissect documentation project
Zawadidone/dissect.cstruct
A Dissect module implementing a parser for C-like structures.
Zawadidone/dissect.ntfs
A Dissect module implementing a parser for the NTFS file system, used by the Windows operating system.
Zawadidone/dissect.shellitem
A Dissect module implementing a parser for the Shellitem structures, commonly used by Microsoft Windows.
Zawadidone/dissect.target
The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets).
Zawadidone/FARA
Repository that contains a set of purposefully erroneous Yara rules.
Zawadidone/flow.record
Recordization library
Zawadidone/iocextract
Defanged Indicator of Compromise (IOC) Extractor.
Zawadidone/ir-automation
Incident Response automation scripts
Zawadidone/KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
Zawadidone/Microsoft-Extractor-Suite
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
Zawadidone/msticpy
Microsoft Threat Intelligence Security Tools
Zawadidone/pandas
Flexible and powerful data analysis / manipulation library for Python, providing labeled data structures similar to R data.frame objects, statistical functions, and much more
Zawadidone/professional-services
Common solutions and tools developed by Google Cloud's Professional Services team. This repository and its contents are not an officially supported Google product.
Zawadidone/PyOxidizer
A modern Python application packaging and distribution tool
Zawadidone/Ransomchats
Zawadidone/terraform-provider-ec
Terraform provider for the Elasticsearch Service and Elastic Cloud Enterprise
Zawadidone/timesketch
Collaborative forensic timeline analysis
Zawadidone/velociraptor
Digging Deeper....
Zawadidone/velociraptor-docs
Documentation site for Velociraptor
Zawadidone/VolWeb
A centralized and enhanced memory analysis platform
Zawadidone/website
Zawadidone/WinPmem
The multi-platform memory acquisition tool.
Zawadidone/YubiKey-Guide
Guide to using YubiKey for GPG and SSH