wallrik's Stars
google/timesketch
Collaborative forensic timeline analysis
citizenfx/fivem
The source code for the Cfx.re modification frameworks, such as FiveM, RedM and LibertyM, as well as FXServer.
fox-it/dissect.target
The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets).
evild3ad/Collect-MemoryDump
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
csababarta/memory-baseliner
Memory Baseliner is a script that can compare two Windows memory images or perform frequency-of-occurrence / data-stacking analysis on multiple such images
sleuthkit/autopsy
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
Norbyte/lslib
Tools for manipulating Divinity Original Sin and Baldur's Gate 3 files
DeaDBeeF-Player/deadbeef
DeaDBeeF Player
ergrelet/windiff
Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
dfir-iris/iris-web
Collaborative Incident Response platform
Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
neutrinolabs/xrdp
xrdp: an open source RDP server
little-brother/sqlite-gui
Lightweight SQLite editor for Windows
wixtoolset/wix
WiX Toolset Code
Yves848/WingetPosh
Winget helper written in PowerShell
vmdiff/vmdiff-prototype
Diff and display virtual machine snapshots
fipso/ccurl.sh
Use cURL with cookies from Chrome
hasherezade/pe-bear
Portable Executable reversing tool with a friendly GUI
icsharpcode/ILSpy
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
xiosec/Reverse-engineering
Reverse Engineering tools
api0cradle/CVE-2023-23397-POC-Powershell
volatilityfoundation/volatility3
Volatility 3.0 development
manticoresoftware/manticoresearch
Easy-to-use, fast open-source database for search | Good alternative to Elasticsearch now | Drop-in replacement for E in the ELK soon
EricZimmerman/KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
dwmetz/CyberPipe
An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
eddiechu/File-Smuggling
HTML smuggling is not an evil, it can be useful
tclahr/uac
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
ashemery/Anti-Forensics
A Repository to Track Anti-Forensic Techniques
threathunters-io/laurel
Transform Linux Audit logs for SIEM usage
sqall01/LSMS
Linux Security and Monitoring Scripts