debernal

Pinned Repositories

asm
Repository of assembly programs
Language:Assembly0 2 00
CTFs
2 2 01
down
Simple curl based bash script that mimiks several common user agents and creates a log file of the downloads.
Language:Shell1 2 00
fvol
Wrapper script that will run volatility commands and save the output depending on the profile of the memory dump
Language:Python7 4 02
MANDIANT_public_YARA
MANDIANT public YARA rules, released in Mandiant blog.
Language:YARA0 1 00
mobileForensics
Scripts developed to help in mobile forensics investigations
Language:Python10 2 04
plaso
Super timeline all the things
Language:Python0 1 00
png2mp4
This small and simple script uses Pillow library to continiously save images of the desktop, which can later be added with ffmpeg.exe to produce a mp4 video.
0 2 00
talks
23 2 00
yaraZeekAlert
This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a match it sends email alerts to the email address specified in the mailTo parameter on yaraAlert.conf file. The alert includes network context of the file transfer and attaches the suspicious file if it is less than 10 MB. Alerted files are copied locally to the alerted files folder.
Language:Python3 1 00

debernal's Repositories

debernal/talks
23 2 00
debernal/mobileForensics
Scripts developed to help in mobile forensics investigations
Language:Python10 2 04
debernal/fvol
Wrapper script that will run volatility commands and save the output depending on the profile of the memory dump
Language:Python7 4 02
debernal/yaraZeekAlert
This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a match it sends email alerts to the email address specified in the mailTo parameter on yaraAlert.conf file. The alert includes network context of the file transfer and attaches the suspicious file if it is less than 10 MB. Alerted files are copied locally to the alerted files folder.
Language:Python3 1 00
debernal/CTFs
2 2 01
debernal/down
Simple curl based bash script that mimiks several common user agents and creates a log file of the downloads.
Language:Shell1 2 00
debernal/asm
Repository of assembly programs
Language:Assembly0 2 00
debernal/MANDIANT_public_YARA
MANDIANT public YARA rules, released in Mandiant blog.
Language:YARA0 1 00
debernal/plaso
Super timeline all the things
Language:Python0 1 00
debernal/png2mp4
This small and simple script uses Pillow library to continiously save images of the desktop, which can later be added with ffmpeg.exe to produce a mp4 video.
0 2 00
debernal/setProxy
Bash scripts to set and unset the enterprise proxy without echoing it to standard output, and obfuscating it on the environment variable
0 2 00
debernal/sysmon-config
Sysmon configuration file template with default high-quality event tracing
2 0
debernal/webTools
Collections of tools for web applications.
2 0
debernal/win10_volatility
An advanced memory forensics framework
Language:Python1 0
debernal/YARA
Various YARA signatures
Language:YARA1 0
debernal/YARA_for_config_extraction
Updated for Yara
Language:YARA0 0