0xDfir's repositories
Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
aa-tools
Artifact analysis tools by JPCERT/CC Analysis Center
appcompatprocessor
"Evolving AppCompat/AmCache data analysis beyond grep"
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
BITSInject
A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as the NT AUTHORITY/SYSTEM account
Collect-MemoryDump
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
Dump
Knowledge is power
elasticsearch-analysis-hebrew
Hebrew analyzer plugin for elasticsearch
EntityFramework6
This is the codebase for Entity Framework 6 (previously maintained at http://entityframework.codeplex.com). Entity Framework Core is maintained at https://github.com/aspnet/EntityFramework.
flare-floss
FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.
hindsight
Internet history forensics for Google Chrome/Chromium
LogFileParser
Parser for $LogFile on NTFS
MegaDev
Bro IDS + ELK Stack to detect and block data exfiltration
MITRE_car
Cyber Analytics Repository
OnionPeeler
Python script to batch query the Tor Relays and Bridges
OSXAuditor
OS X Auditor is a free Mac OS X computer forensics tool
pdfalyzer
Analyze PDFs. With colors. And Yara.
PowerForensics
PowerForensics provides an all-in-one platform for live disk forensic analysis
security-onion
Linux distro for IDS, NSM, and Log Management
theHarvester
E-mail, subdomain and people names harvester
TheHiveDocs
Documentation of TheHive
ThreatHunter-Playbook
A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.
volatility
An advanced memory forensics framework
WINspect
PowerShell-based Windows Security Auditing Toolbox
yaralyzer
Visually inspect YARA and regex matches found in both binary and text data.
yarp
Yet another registry parser
yeti
Your Everyday Threat Intelligence