Mike Cohen's repositories
velociraptor
Velociraptor hunts for evil...
awesome-incident-response
A curated list of tools for incident response
sandbox-attacksurface-analysis-tools
Set of tools to analyze Windows sandboxes for exposed attack surface.
assert
A simple assertion library using Go generics
blackfriday
Blackfriday: a markdown processor for Go
DFIRArtifactMuseum
The goal of this repo is to archive artifacts from all versions of various OSes and categorize them by type. This will help with artifact validation processes as well as increase access to artifacts that may no longer be readily available.
etw-providers-docs
Document ETW providers
EVTX-ATTACK-SAMPLES
Windows Events Samples
fb-util-for-appx
Create .appx files.
go-ese
Go implementation of an Extensible Storage Engine parser
go-libaudit
go-libaudit is a library for communicating with the Linux Audit Framework.
impacket
Impacket is a collection of Python classes for working with network protocols.
pywintrace
ETW Python Library
sigma-go
A Go implementation and parser for Sigma rules.
tccprofile
Creates a TCC profile for new Privacy Payloads in macOS Mojave
velociraptor-docs
Documentation site for Velociraptor