Mark Hallman's repositories
plaso_filters
Scripts to facilitate filtering with Plaso
kape-at-scale
Repo for code, techniques, ideas and questions about implementing KAPE at Scale
DFRWS-2019-KAPE-Workshop
Slides, scripts, notes, links, etc. from my 2019 DFRWS KAPE Workshop
Process-EventLogs
Process select Event Logs and Event IDs with EvtxECmd
Get-KapeModuleBinaries
Parses KAPE module files and downloads binaries referenced by BinaryURL
scripts_configs
Various scripts and config files
sec401-win11-notes
Notes & scripts related to the SEC401 Windows 11 redo
evtx
C# based evtx parser with lots of extras
HashiCorp-Packer-in-Production
HashiCorp Packer in Production, Published by Packt
kape-min
A sample minimal "install" of KAPE for testing with PowerShell remoting.
KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
mdwiki-examples
A collection of example websites created with MDwiki
sec566-vm-build-notes
Notes, files, and scripts related to the J01 build of SEC566 Windows 11 Audit VM.
timesketch
Collaborative forensic timeline analysis