live-response

There are 11 repositories under the live-response topic.

  • tclahr/uac

    UAC is a Live Response collection script for Incident Response that uses native binaries and tools to automate the collection of artifacts from AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems.

    Language: Shell
  • evild3ad/MemProcFS-Analyzer

    MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

    Language: PowerShell
  • cyb3rmik3/MDE-DFIR-Resources

    A curated list of resources for DFIR through Microsoft Defender for Endpoint, leveraging Kusto queries, PowerShell scripts, tools such as KAPE and THOR Cloud, and more.

  • evild3ad/Collect-MemoryDump

    Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR

    Language: PowerShell
  • lawndoc/mediator

    An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.

    Language: Python
  • op7ic/unix_collector

    unix_collector is a live response collection script for Incident Response on UNIX-like systems using native binaries.

    Language: Shell
  • LazyAlpaka/ifrit

    Incident Forensic Response In Terminal script for Linux

    Language: Shell
  • 21gramaz/Powershell-SIR

    A Live Response script that helps incident responders acquire data, contain, and recover.

    Language: PowerShell
  • iidx/PSListCopy

    Collects files and file metadata using PowerShell in a Live Response environment.

    Language: Python
  • 0xThiebaut/Zipit

    A Firefox extension to encrypt files downloaded through Microsoft 365 Defender's Live Response Sessions.

    Language: TypeScript
  • iidx/IIS-AppHostParser

    Parses IIS applicationHost.config and generates a CSV file.

    Language: Python
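The UNIX-side collectors in this list (tclahr/uac, op7ic/unix_collector, LazyAlpaka/ifrit) share one pattern: run only the binaries already present on the host, capture each command's output into its own file, tolerate tools that are missing on a given platform, and fix the result with a hash manifest so it can later be shown to be unaltered. The script below is an added illustration of that pattern written for this page; it is not code from any of the listed projects. The function names, the choice of commands, the output layout and the manifest name are all assumptions made for the example.

```shell
#!/bin/sh
# collect_live.sh: minimal live-response collector using only native binaries.
# Illustrative layout (assumed for this example, not any project's format):
#   collect_live OUTDIR  ->  OUTDIR/<name>.txt per command,
#                            OUTDIR/files/... copies of config files,
#                            OUTDIR/collection.log and OUTDIR/manifest.sha256

# Run one native command; stdout+stderr go to $OUT/<name>.txt.
# A missing tool is logged and skipped so a single absent binary never
# aborts the collection; a non-zero exit code is logged, not treated as fatal.
run_cmd() {
    name="$1"; shift
    if ! command -v "$1" >/dev/null 2>&1; then
        printf '%s\tSKIPPED (missing: %s)\n' "$name" "$1" >> "$OUT/collection.log"
        return 0
    fi
    if "$@" > "$OUT/$name.txt" 2>&1; then rc=0; else rc=$?; fi
    printf '%s\trc=%s\n' "$name" "$rc" >> "$OUT/collection.log"
    return 0
}

# Copy a file of interest preserving its timestamps (cp -p); absent files
# and permission errors are logged rather than stopping the run.
copy_file() {
    src="$1"
    if [ ! -f "$src" ]; then
        printf '%s\tSKIPPED (absent)\n' "$src" >> "$OUT/collection.log"
        return 0
    fi
    dest="$OUT/files$(dirname "$src")"
    mkdir -p "$dest"
    if cp -p "$src" "$dest/" 2>> "$OUT/collection.log"; then
        printf '%s\tcopied\n' "$src" >> "$OUT/collection.log"
    fi
    return 0
}

# Hash every collected file so later tampering with the bundle is detectable.
# Uses sha256sum (coreutils) or shasum (BSD/macOS), whichever exists.
write_manifest() {
    if command -v sha256sum >/dev/null 2>&1; then tool="sha256sum"
    elif command -v shasum >/dev/null 2>&1; then tool="shasum -a 256"
    else
        printf 'manifest\tSKIPPED (no sha256 tool)\n' >> "$OUT/collection.log"
        return 0
    fi
    (cd "$OUT" && find . -type f ! -name manifest.sha256 | sort |
        while read -r f; do $tool "$f"; done) > "$OUT/manifest.sha256"
    return 0
}

collect_live() {
    OUT="$1"
    mkdir -p "$OUT"
    : > "$OUT/collection.log"
    # Most volatile first (order of volatility): clock, identity, processes,
    # network state, then sessions and mounts, then on-disk configuration.
    run_cmd date       date -u
    run_cmd hostname   uname -n
    run_cmd uname      uname -a
    run_cmd id         id
    run_cmd uptime     uptime
    run_cmd ps         ps -ef        # POSIX form; BSDs may prefer "ps auxww"
    run_cmd ss         ss -tupan     # Linux; skipped elsewhere
    run_cmd netstat    netstat -an   # fallback for systems without ss
    run_cmd arp        arp -an
    run_cmd who        who
    run_cmd last       last
    run_cmd mount      mount
    run_cmd df         df -k
    run_cmd crontab    crontab -l
    run_cmd recent_etc find /etc -xdev -type f -mtime -7
    for f in /etc/passwd /etc/group /etc/hosts /etc/crontab; do
        copy_file "$f"
    done
    write_manifest
    return 0
}

# Stand-alone use: sh collect_live.sh /mnt/evidence/host01
if [ $# -ge 1 ]; then
    collect_live "$1"
fi
```

Two caveats the listed tools address in their own ways and that this sketch deliberately leaves to the operator: point OUTDIR at removable or remote storage rather than the disk you are investigating, so the collection does not overwrite unallocated space; and remember that native binaries on a compromised host can themselves have been replaced, so record hashes of the tools you invoked (for example, `sha256sum "$(command -v ps)"`) alongside their output and compare them against a known-good package.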