Pinned Repositories
DFIRRegex
A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
evtx
C#-based evtx parser with lots of extras
forensic-artifact-automation
A collection of PowerShell scripts designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing open-source tools such as KAPE (Kroll Artifact Parser and Extractor) to forensically acquire and process the artifacts needed in compromise assessments. Additional scripts provide pre-processing automation capabilities and other supporting functions.
KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
jball77-git's Repositories
jball77-git/DFIRRegex
A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
jball77-git/evtx
C#-based evtx parser with lots of extras
jball77-git/forensic-artifact-automation
A collection of PowerShell scripts designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing open-source tools such as KAPE (Kroll Artifact Parser and Extractor) to forensically acquire and process the artifacts needed in compromise assessments. Additional scripts provide pre-processing automation capabilities and other supporting functions.
jball77-git/KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.