Fox-IT

Part of NCC Group

Netherlands

Pinned Repositories

aclpwn.py
Active Directory ACL exploitation with BloodHound
Language:Python703 27 7107
cve-2019-1040-scanner
Language:Python287 8 355
dissect
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).
927 22 1765
dissect.cstruct_legacy
A no-nonsense c-like structure parsing library for Python
Language:Python239 27 1325
Invoke-ACLPwn
Language:PowerShell513 22 687
LDAPFragger
Language:C#189 11 028
linux-luks-tpm-boot
A guide for setting up LUKS boot with a key from TPM in Linux
Language:Shell181 18 043
log4j-finder
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
Language:Python435 21 3797
mkYARA
Generating YARA rules based on binary code
Language:Python203 19 750
quantuminsert
Quantum Insert
Language:HTML213 28 156

Fox-IT's Repositories

fox-it/dissect
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).
927 22 1765
fox-it/dissect.cobaltstrike
Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
Language:Python147 13 321
fox-it/acquire
acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
Language:Python91 15 4126
fox-it/dissect.target
The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets).
Language:Python44 18 24647
fox-it/dissect.cstruct
A Dissect module implementing a parser for C-like structures.
Language:Python40 14 3016
fox-it/pcap-broker
PCAP-over-IP server written in Golang
Language:Go15 8 01
fox-it/dissect.ntfs
A Dissect module implementing a parser for the NTFS file system, used by the Windows operating system.
Language:Python8 13 24
fox-it/dissect-docs
Dissect documentation project
7 12 37
fox-it/flow.record
Recordization library
Language:Python7 11 319
fox-it/dissect.sql
A Dissect module implementing a parsers for the SQLite database file format, commonly used by applications to store configuration data.
Language:Python6 13 14
fox-it/dissect.hypervisor
A Dissect module implementing parsers for various hypervisor disk, backup and configuration files.
Language:Python5 12 45
fox-it/dissect.ole
A Dissect module implementing a parser for the Object Linking & Embedding (OLE) format, commonly used by document editors on Windows operating systems.
Language:Python3 12 01
fox-it/dissect.regf
A Dissect module implementing a parser for Windows registry file format, used to store application and OS configuration on Windows operating systems.
Language:Python3 12 02
fox-it/dissect.util
A Dissect module implementing various utility functions for the other Dissect modules.
Language:Python3 13 45
fox-it/dissect.vmfs
Dissect module implementing a parser for the VMFS file system, used by VMware virtualization software.
Language:Python3 12 81
fox-it/dissect.volume
A Dissect module implementing a parser for different disk volume and partition systems, for example LVM2, GPT and MBR.
Language:Python3 12 31
fox-it/dissect-workflow-templates
Workflow templates for the dissect projects
2 9 21
fox-it/dissect.fat
A Dissect module implementing parsers for the FAT and exFAT file systems, commonly used on flash memory based storage devices and UEFI partitions.
Language:Python2 12 12
fox-it/dissect.ffs
A Dissect module implementing a parser for the FFS file system, commonly used by BSD operating systems.
Language:Python2 12 01
fox-it/dissect.shellitem
A Dissect module implementing a parser for the Shellitem structures, commonly used by Microsoft Windows.
Language:Python2 12 22
fox-it/dissect.xfs
A Dissect module implementing a parser for the XFS file system, commonly used by RedHat Linux distributions.
Language:Python2 12 24
fox-it/dissect-add-on-for-splunk
A splunk plugin that provides sourcetyping for ingestion and processing of dissect records
10
fox-it/dissect.btrfs
A Dissect module implementing a parser for the btrfs file system.
Language:Python1 12 3
fox-it/dissect.extfs
A Dissect module implementing a parser for the ExtFS file system, the native filesystem for Linux operating systems.
Language:Python1 12 21
fox-it/dissect.thumbcache
A Dissect module implementing a parser for windows thumbcache.
Language:Python1 10 01
fox-it/dissect.executable
A Dissect module implementing parsers for various executable formats such as PE, ELF and Macho-O.
Language:Python0 11 52
fox-it/dissect.disc
A Dissect module implementing a parser for file systems commonly used on optical media, such as ISO9660 and several extensions.
11 01
fox-it/dissect.jffs
A Dissect module implementing a parser for the JFFS2 file system, commonly used by router operating systems.
Language:Python11 01
fox-it/dissect.squashfs
A Dissect module implementing a parser for the SquashFS file system.
Language:Python11 3
fox-it/PyOxidizer
A modern Python application packaging and distribution tool
Language:Rust0 0