Beast code in Giters

Martin Willing's starred repositories

mvt

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Language:PythonNOASSERTION10340 253 305

ImportExcel

PowerShell module to import/export Excel spreadsheets, without Excel

Language:PowerShellApache-2.02460 131 1214

zui

Zui is a powerful desktop application for exploring and working with data. The official front-end to the Zed lake.

Language:TypeScriptNOASSERTION1787 29 1044

cli

Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)

Language:GoApache-2.01729 31 95

vt-cli

VirusTotal Command Line Interface

Language:GoApache-2.0802 43 57

evtx

A Fast (and safe) parser for the Windows XML Event Log (EVTX) format

Language:RustApache-2.0660 23 51

MasterParser

MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs

Language:PowerShellMIT575 12 4

Microsoft-Extractor-Suite

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

Language:PowerShellGPL-2.0457 19 59

KnockKnock

Enumerate persistently installed software

Language:Objective-CGPL-3.0430 15 32

iShutdown

Language:PythonMIT404 9 7

Netiquette

Network Monitor

Language:Objective-CGPL-3.0308 16 14

Trawler

PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.

Language:PowerShellMIT306 2 11

WhatsYourSign

WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing information!

Language:Objective-CGPL-3.0272 23 23

TrueTree

A command line tool for pstree-like output on macOS with additional pid capturing capabilities

Language:SwiftNOASSERTION242 13 4

MSIdentityTools

Repository for the Microsoft Identity Tools PowerShell module which provides various tools for performing enhanced Identity administration activities.

Language:PowerShellMIT224 17 34

WindowsTimeline

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

Language:PowerShellMPL-2.0176 13 2

mft

A parser for the MFT (Master File Table) format

Language:RustApache-2.0125 10 16

OneNoteAnalyzer

A C# based tool for analysing malicious OneNote documents

Language:C#MIT108 8 2

TaskExplorer

Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much more.

Language:Objective-CGPL-3.085 7 4

brimcap

Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)

Language:GoBSD-3-Clause74 7 65

Evtx_Log_Browser

Evtx Log (xml) Browser

Language:PowerShellMIT54 70

WinEDB

Windows.EDB Browser

Language:PowerShellMIT53 40

aftermath

Aftermath is a free macOS incident response framework

Language:SwiftMIT27 10

zui-insiders

Releases for the Zui Insiders app.

NOASSERTION21 4 1

ESXiTri

ESXi Cyber Security Incident Response Script

Language:ShellGPL-3.019 20

macos-fseventsd

A library to parse macOS FsEvents

Language:RustMIT16 2 1

fmd

Windows file metadata / forensic tool.

Language:RustMIT14 4 8

WINTri

Windows Cyber Security Incident Response Script

Language:PowerShellGPL-3.06 20

LINTri

Linux Cyber Security Incident Response Script

Language:ShellGPL-3.04 20

PowerTriage

PowerTriage is a tool for SOCs and CERTs to captures a plethora of live data from remote computers

Language:PowerShellGPL-3.03 10