nov3mb3r

november 's repositories

trident

A PowerShell incident response script for quick triage

Language:PowerShellApache-2.073 40

monte-carlo

The Office 365 log parser

Language:PythonGPL-3.010 10

dfir

Collection of popular DFIR tools in a lightweight and fast docker image

Language:DockerfileGPL-2.09 10

PipisPipe

Volatility3 plugin for named pipe enumeration

Language:PythonMIT8 10

36c3-Workshop

Material for the 36c3 workshop "A trip down the memory l̶a̶n̶e̶ dump"

3 10

laelaPS

Detect enumeration of security groups in Domain Controller

Language:PowerShellGPL-2.03 10

aion

Windows 10 Activity Timeline parser

Language:PythonGPL-2.02 10

dFT

Collection of DFIR tools incirporated all in one docker image

Language:DockerfileApache-2.02 10

DidierStevensSuite

Please no pull requests for this repository. Thanks!

Language:Python200

dnkrypt

A simple python script for perfoming cryptanalysis tasks

Language:PythonGPL-3.02 10

plaso_filters

Scripts to facilitate filtering with Plaso

100

res3rveshells.github.io

Organization's Webpage

Language:HTML100

sift-files

Random set of files that are needed for a proper configured SIFT workstation.

Language:Python1 10

ToolAnalysisResultSheet

Tool Analysis Result Sheet

Language:HTML1 10

volatility-plugins-community

Volatility plugins developed and maintained by the community

Language:Python100

yara-endpoint

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Language:GoApache-2.0100

trident_KapeFiles

A list of KAPE modules ported from TRIDENT project

MIT000

AWSRoleJuggler

A toolset to juggle AWS roles for persistent access

Language:PythonMIT000

Get-Netscan

Supportive script to link processes to their network connections through netscan

Language:PowerShellMIT010

KapeFiles

This repository serves as a place for community created Targets and Modules for use with KAPE.

MIT000

plaso

Super timeline all the things

Language:PythonApache-2.0000