davehull

Work Accounts: https://github.com/davehull-wiz https://github.com/davehull-rc

Various and sundryI am from enternetz

Pinned Repositories

autorunalyzer
A Python script for performing analysis of the output from Microsoft's Sysinternals Autoruns.
Language:Shell15 7 05
body-outliers
A Python script for finding outliers in fls bodyfiles (see The Sleuth Kit) based on given metadata elements like metadata address, atime, ctime, crtime and mtime.
Language:Python5 3 00
Get-StakRank
A Powershell script for frequency analysis of separated values data files.
Language:PowerShell17 3 14
Kansa
A Powershell incident response framework
Language:PowerShell1.6k 144 114274
Mal-Seine
Why hunt when you can seine?
Language:PowerShell21 9 07
MCC
Tracking my work through the Matasano Crypto Challenges
Language:PowerShell9 4 07
PowerForensics
PowerShell - Live disk forensics platform
Language:C#8 1 01
VirusTotalShell
A fork of David B Heise's VirusTotal Powershell Module
Language:PowerShell17 4 28

davehull's Repositories

davehull/Mal-Seine
Why hunt when you can seine?
Language:PowerShell21 9 07
davehull/Get-StakRank
A Powershell script for frequency analysis of separated values data files.
Language:PowerShell17 3 14
davehull/Get-WebFile
Powershell script based on Boe Prox's Get-WebPage.ps1, but this one pulls down a specific file
3 1 02
davehull/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Language:PowerShell3 2 01
davehull/PSProfile
A new repo to contain my psprofile
Language:PowerShell3 3 02
davehull/CimSweep
CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
Language:PowerShell2 1 01
davehull/PSReflect
Easily define in-memory enums, structs, and Win32 functions in PowerShell
Language:PowerShell2 2 0
davehull/ACE
Automated, Collection, and Enrichment Platform
Language:PowerShell1 1 0
davehull/Add-Header
Utility script for adding a header to a data file
Language:PowerShell11
davehull/Demos
Various demos
Language:PowerShell1 1 01
davehull/Empire
Empire is a PowerShell and Python post-exploitation agent.
Language:PowerShell1 1 0
davehull/Get-Fields
Returns the field names from a separated values file, assuming the first line contains a header.
1 1 0
davehull/krabsetw
KrabsETW provides a modern C++ wrapper around the low-level ETW trace consumption functions.
Language:C++1
davehull/Loki
Loki - Simple IOC and Incident Response Scanner
Language:Python11
davehull/Pester
Powershell BDD style testing framework
Language:PowerShell1 1 01
davehull/PowerShellMethodAuditor
PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
Language:C#1 1 0
davehull/PSReflect-Functions
Language:PowerShell1 1 0
davehull/sandbox-attacksurface-analysis-tools
Language:C#1 1 0
davehull/Update
Language:PowerShell1 1 0
davehull/analyzeMFT
Language:Python1 01
davehull/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
2
davehull/davehull.github.io
1 0
davehull/dnSpy
.NET debugger and assembly editor
Language:C#1 0
davehull/grr
Language:Python1
davehull/ioc_writer
Language:Python1 0
davehull/lpeworkshop
Windows / Linux Local Privilege Escalation Workshop
1 0
davehull/proxpy
Language:Python1 0
davehull/pytan
Python Wrapper for Tanium's SOAP API
Language:Python1
davehull/rekall
Rekall Memory Forensic Framework
Language:Python1
davehull/ThreatHunter-Playbook
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
1 01