gleeda (Jamie Levy)'s repositories
misc-scripts
misc scripts
RDP-Replay
Replay RDP traffic from PCAP
subTee-gits-backups
subTee gists code backups
virtual-reality
Stealthy backdoor for Windows operating systems
volatility
An advanced memory forensics framework
block-parser
Parser for Windows PowerShell script block logs
capa-rules
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
Content-IRPowerForensics
PowerForensics provides an all in one platform for live disk forensic analysis
flare-floss
FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.
gargoyle
A memory scanning evasion technique
LiME
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.
Mirai-Source-Code
Leaked Mirai Source Code for Research/IoC Development Purposes
osx-vm-templates
macOS templates for Packer and VeeWee.
python-pachyderm
Python client for Pachyderm
ssh-chat
Chat over SSH.
WSL2-Linux-Kernel
The source for the Linux kernel used in Windows Subsystem for Linux 2 (WSL2)