dfirfpi's starred repositories
deployment-tools
This repo contains the code to build the .NET deployment tools and installers for all supported platforms, as well as the sources to .NET deployment tools.
BlackLotus
BlackLotus UEFI Windows Bootkit
pwnable_writeup
An introduction course to system exploitation based on pwnable.kr challenges
PSPKIAudit
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
ADCSKiller
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
arm_asm_book
A book teaching assembly language programming on the ARM 64 bit ISA. Along the way, good programming practices and insights into code development are offered which apply directly to higher level languages.
necrobrowser
necromantic session control
RpcInvestigator
Exploring RPC interfaces on Windows
Kubestroyer
Kubernetes exploitation tool
DFIRMindMaps
A repository of DFIR-related Mind Maps geared towards the visual learners!
RdpCacheStitcher
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
systeminformer
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
xways-forensics
Personal settings for X-Ways Forensics
DumpReparsePoints
This is a simple tool to dump all the reparse points on an NTFS volume.
AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.