Martin Willing (evild3ad)

Location: Hanover, Germany

Home Page: https://www.evild3ad.com

Twitter: @evild3ad79

Martin Willing's starred repositories

zui

Zui is a powerful desktop application for exploring and working with data. The official front-end to the Zed lake.

Language: TypeScript | License: NOASSERTION | Stargazers: 1744 | Issues: 29 | Issues: 1010

cli

Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)

Language: Go | License: Apache-2.0 | Stargazers: 1661 | Issues: 30 | Issues: 93

evtx

A fast (and safe) parser for the Windows XML Event Log (EVTX) format

Language: Rust | License: Apache-2.0 | Stargazers: 609 | Issues: 22 | Issues: 49

aftermath

Aftermath is a free macOS IR framework

Language: Swift | License: MIT | Stargazers: 440 | Issues: 15 | Issues: 14

Microsoft-Extractor-Suite

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

Language: PowerShell | License: GPL-2.0 | Stargazers: 395 | Issues: 14 | Issues: 40

KnockKnock

Enumerate persistently installed software

Language: Objective-C | License: GPL-3.0 | Stargazers: 383 | Issues: 15 | Issues: 32

Trawler

PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.

Language: PowerShell | License: MIT | Stargazers: 295 | Issues: 2 | Issues: 11

Netiquette

Network Monitor

Language: Objective-C | License: GPL-3.0 | Stargazers: 291 | Issues: 14 | Issues: 14

MFT_Browser

$MFT directory tree reconstruction & FILE record info

Language: PowerShell | License: MIT | Stargazers: 280 | Issues: 13 | Issues: 0

WhatsYourSign

WhatsYourSign adds a menu item to Finder.app. Simply right-click or control-click on any file to display its cryptographic signing information.

Language: Objective-C | License: GPL-3.0 | Stargazers: 267 | Issues: 23 | Issues: 21

TrueTree

A command line tool for pstree-like output on macOS with additional pid capturing capabilities

Language: Swift | License: NOASSERTION | Stargazers: 214 | Issues: 13 | Issues: 4

AuthLogParser

AuthLogParser is a powerful DFIR tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log

Language: PowerShell | License: MIT | Stargazers: 190 | Issues: 5 | Issues: 0

WindowsTimeline

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

Language: PowerShell | License: MPL-2.0 | Stargazers: 167 | Issues: 13 | Issues: 2

mft

A parser for the MFT (Master File Table) format

Language: Rust | License: Apache-2.0 | Stargazers: 117 | Issues: 10 | Issues: 16

OneNoteAnalyzer

A C# based tool for analysing malicious OneNote documents

Language: C# | License: MIT | Stargazers: 107 | Issues: 8 | Issues: 2

TaskExplorer

Visually explore all running tasks (processes), viewing their signature status, loaded dylibs, open files, network connections, and much more.

Language: Objective-C | License: GPL-3.0 | Stargazers: 78 | Issues: 7 | Issues: 3

brimcap

Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)

Language: Go | License: BSD-3-Clause | Stargazers: 70 | Issues: 7 | Issues: 64

Evtx_Log_Browser

EVTX log (XML) browser

Language: PowerShell | License: MIT | Stargazers: 55 | Issues: 7 | Issues: 0

WinEDB

Windows.EDB Browser

Language: PowerShell | License: MIT | Stargazers: 49 | Issues: 4 | Issues: 0

Prefetch-Browser

Browse Windows Prefetch versions 17, 23, 26 and 30 (v1/v2), plus some SuperFetch .7db/.db files

Language: PowerShell | License: MIT | Stargazers: 40 | Issues: 3 | Issues: 1

Jumplist-Browser

Automatic/Custom Destinations (Jump Lists) and LNK (MS-SHLLINK) browser

Language: PowerShell | License: GPL-2.0 | Stargazers: 26 | Issues: 2 | Issues: 0

aftermath

Aftermath is a free macOS incident response framework

Language: Swift | License: MIT | Stargazers: 24 | Issues: 1 | Issues: 0

zui-insiders

Releases for the Zui Insiders app.

fmd

Windows file metadata / forensic tool.

Language: Rust | License: MIT | Stargazers: 14 | Issues: 4 | Issues: 8

macos-fseventsd

A library to parse macOS FsEvents

Language: Rust | License: MIT | Stargazers: 13 | Issues: 2 | Issues: 1

Invoke-SRUMDump

A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.

Language: PowerShell | Stargazers: 11 | Issues: 1 | Issues: 0

ESXiTri

ESXi Cyber Security Incident Response Script

Language: Shell | License: GPL-3.0 | Stargazers: 10 | Issues: 0 | Issues: 0

WINTri

Windows Cyber Security Incident Response Script

Language: PowerShell | License: GPL-3.0 | Stargazers: 4 | Issues: 0 | Issues: 0

PowerTriage

PowerTriage is a tool for SOCs and CERTs that captures a wide range of live data from remote computers.

Language: PowerShell | License: GPL-3.0 | Stargazers: 3 | Issues: 1 | Issues: 0

LINTri

Linux Cyber Security Incident Response Script

Language: Shell | License: GPL-3.0 | Stargazers: 2 | Issues: 0 | Issues: 0