AndrewRathbun

followers

following

stars

@krollcyber

Michigan

https://aboutdfir.com/

Organizations

Digital-Forensics-Discord-Server

Andrew Rathbun's starred repositories

hugo

The world’s fastest framework for building websites.

Language:GoApache-2.072423 1066 7130

Avalonia

Develop Desktop, Embedded, Mobile and WebAssembly apps with C# and XAML. The most popular .NET Foundation community project.

Language:C#MIT23673 466 6501

unifios-utilities

A collection of enhancements for UnifiOS based devices

Language:ShellGPL-3.03749 144 326

MemProcFS

MemProcFS

Language:CAGPL-3.02638 76 265

EmuDeck

Emulator configurator for Steam Deck

Language:ShellGPL-3.02622 37 615

DSInternals

Directory Services Internals (DSInternals) PowerShell Module and Framework

Language:C#MIT1527 77 145

PowerSharpPack

Language:PowerShell1389 30 6

SharPersist

Language:C#Apache-2.01301 41 1

SharpUp

SharpUp is a C# port of various PowerUp functionality.

Language:C#NOASSERTION1121 43 5

PMAT-labs

Labs for Practical Malware Analysis & Triage

Language:HCL754 20 5

NetPad

A cross-platform C# editor and playground.

Language:TypeScriptMIT748 14 85

LoadingIndicators.WPF

A collection of loading indicators for WPF

Language:C#Unlicense694 35 15

SilkETW

Language:C#Apache-2.0672 42 14

SQLRecon

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

Language:C#BSD-3-Clause569 5 11

InsightEngineering

Hardcore Debugging

Incident-Response-Powershell

PowerShell Digital Forensics & Incident Response Scripts.

Language:PowerShellBSD-3-Clause401 9 3

NtdsAudit

An Active Directory audit utility

Language:C#MIT375 31 17

MasterParser

MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs

Language:PowerShellMIT236 8 2

god-mode-rules

God Mode Detection Rules

Language:YARAApache-2.0123 70

droid-hole

Pi-hole® client made with Flutter

Language:DartApache-2.0113 2 39

windows-insider

Technical documentation for the Windows Insider Program

Language:PowerShellCC-BY-4.0113 280

LogBoost

Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, Domain, ASN, DNS and Threat Indicator matches.

Language:GoMIT77 2 1

DriveFS-Sleuth

DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based on research that has been performed by mounting different scenarios and noting down the changes in the Google Drive File Stream disk artifacts.

Language:PythonEPL-2.05300

ruler-project

Remote access and Antivirus Logging Database

Language:PythonApache-2.03000

Jumplist-Browser

Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser

Language:PowerShellGPL-2.025 20

RingRecordingDownload

Console Application for Windows, Raspberry Pi, Linux and macOS which allows for downloading of Ring recorded events

Language:C#Apache-2.019 8 15

RingSnapshotDownload

Console Application for Windows, Raspberry Pi, Linux and macOS which allows for downloading of snapshots from Ring devices

Language:C#Apache-2.018 5 11

volatility-binaries

Contains compiled binaries of Volatility

Language:Batchfile18 40

SharpAbeebus

A GeoIP lookup utility utilizing ipinfo.io services.

Language:C#MIT13 20

100daysoflc

A repository for all things that come out of the 100 Days of LC series. D&R rules, screenshots, logs, etc.

MIT100