herootx's repositories
capa
The FLARE team's open-source tool to identify capabilities in executable files.
salt-states
This repository maintains the SaltStack state files for the REMnux distro.
IPED
IPED Digital Forensic Tool. It is open-source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.
uac
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
threat-intel
Signatures and IoCs from public Volexity blog posts.
bitscout
Remote forensics meta tool
auditd
Best Practice Auditd Configuration
Windows-Symbol-Tables
Windows symbol tables for Volatility 3
bulk_extractor
This is the development tree. Production downloads are at:
volatility3-docker
Volatility, on Docker 🐳
bmc-tools
RDP Bitmap Cache parser
porch-pirate
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
Telerecon
A reconnaissance framework for researching and investigating Telegram.
Aurora-Incident-Response
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
ote
Generate Email, Register for anything, Get the OTP/Link
dumpit-linux
Compiled code for the memory acquisition tools for Linux provided by Magnet Forensics
Awesome-Search-Engines-for-Cybersecurity-Researchers
Awesome list of Search Engines for Cybersecurity Researchers
PoC-Mon
Monitoring GitHub for CVE PoC repos using Flaskapi.
sof-elk
Configuration files for the SOF-ELK VM, used in SANS FOR572
ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
RegRipper3.0
RegRipper3.0
ContainYourself
A POC of the ContainYourself research presented in DEF CON 31, which abuses the Windows containers framework to bypass EDRs.
BlackLotus
BlackLotus UEFI Windows Bootkit
LTESniffer
An Open-source LTE Downlink/Uplink Eavesdropper
TakeMyRDP
A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes. It utilizes a low-level keyboard input hook, allowing it to record keystrokes in certain contexts (like in mstsc.exe and CredentialUIBroker.exe).
Awesome_Incident_Response
Awesome Incident Response
lime
Linux Memory Extraction