Ed Michael's repositories
Abeebus
A GeoIP lookup utility that uses the ipinfo.io service
ALFA
ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. The tool acquires all Google Workspace audit logs and performs automated forensic analysis on them using statistics and the MITRE ATT&CK Cloud Framework
Android-Usagestats-XML-Parser
Android Usagestats XML Parser
apollo
Apple Pattern of Life Lazy Output'er
automactc
AutoMacTC: Automated Mac Forensic Triage Collector
awesome-incident-response
A curated list of tools for incident response
awesome-security
A collection of awesome software, libraries, documents, books, resources and cool stuff about security.
CIFR2019
Additional downloads for the CIFR2019 course in Orlando, FL
docker-explorer
A tool to help analyze offline Docker acquisitions (forensic examination of Docker filesystems and containers without a running daemon)
iOS_sms_parser
Parses iOS 11 messages and handles the 18-digit timestamps (nanoseconds since 2001-01-01) introduced with iOS 11. Messages from older iOS versions are parsed as well, as long as iOS 11 was installed on the device and the database was migrated to the new format.
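The timestamp change is the part of this parser that trips people up, so here is an added, stand-alone example (not code from iOS_sms_parser or its author) of the conversion: the 9-digit values found in pre-iOS 11 databases are seconds since 2001-01-01 UTC (Apple's absolute time epoch), while the 18-digit values written by iOS 11 and later are nanoseconds since the same epoch. The magnitude threshold used to tell the two apart and the sample rows are assumptions constructed for the example, not real device data.

```python
from datetime import datetime, timedelta, timezone

# Apple "absolute time" epoch: 2001-01-01T00:00:00Z (Unix 978307200).
APPLE_EPOCH = datetime(2001, 1, 1, tzinfo=timezone.utc)

# Heuristic (assumption): seconds-since-2001 values stay far below 1e11 for
# centuries, so anything larger is treated as nanoseconds.
NANOSECOND_THRESHOLD = 10**11


def apple_timestamp_to_utc(raw):
    """Convert a sms.db date value to an aware UTC datetime.

    Pre-iOS 11 rows store seconds since 2001-01-01 (9 digits); iOS 11 and
    later store nanoseconds since 2001-01-01 (18 digits). Unset dates are
    stored as 0 (or NULL) and are returned as None rather than as the epoch.
    """
    if raw is None or raw == 0:
        return None
    raw = int(raw)
    if abs(raw) > NANOSECOND_THRESHOLD:
        # Integer arithmetic keeps sub-second precision that a float would lose.
        whole_seconds, nanos = divmod(raw, 1_000_000_000)
        return APPLE_EPOCH + timedelta(seconds=whole_seconds, microseconds=nanos // 1000)
    return APPLE_EPOCH + timedelta(seconds=raw)


def format_utc(dt):
    """Render a converted timestamp for a report; unset dates stay visible."""
    return dt.strftime("%Y-%m-%d %H:%M:%S UTC") if dt else "(unset)"


# Constructed sample rows in the shape of the message table (ROWID, text, date).
SAMPLE_ROWS = [
    (1, "pre-iOS 11 style row", 600000000),           # 9 digits: seconds
    (2, "iOS 11 style row", 600000000000000000),       # 18 digits: nanoseconds
    (3, "row with no date set", 0),                    # unset
]


def parse_rows(rows):
    """Return (ROWID, text, datetime-or-None) for each row."""
    return [(rowid, text, apple_timestamp_to_utc(date)) for rowid, text, date in rows]


if __name__ == "__main__":
    for rowid, text, dt in parse_rows(SAMPLE_ROWS):
        print(rowid, format_utc(dt), text)
```

Rows 1 and 2 resolve to the same instant (2020-01-06 10:40:00 UTC), which is the check to run against a migrated database: a pre-upgrade message and a post-upgrade message with the same wall-clock time should land on the same date after conversion. Dividing an 18-digit value as seconds instead produces dates billions of years out, so an absurd date in a timeline is the usual sign the wrong branch was taken.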
jar-analyzer
A Java GUI tool for analyzing Jar files
mac_apt
macOS Artifact Parsing Tool
malware-gems
A not so awesome list of malware gems for aspiring malware analysts
oletools
oletools - Python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
OSCP-cheat-sheet
List of useful commands, shells and notes related to the OSCP
Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
TechnoMB_2019
Warrant templates discussed during the conference
timesketch
Collaborative forensic timeline analysis
Transit
macOS Incident Response Toolkit. Mostly written while stuck on an NJTransit train.
usbrip
Simple command line forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux
velociraptor-docs
Documentation site for Velociraptor
windowsterminal-shell
Install/uninstall scripts for Windows Terminal context menu items