Kevin - Stark 4N6's starred repositories
KQL-threat-hunting-queries
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
MFTAnalyzer
This tool is meant to parse an NTFS $MFT file.
FLARE-VM-configs
These FLARE-VM configuration files are designed to help set up a purpose-built installation and remove unnecessary packages to streamline the installation.
MasterParser
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
usnjrnl_rewind
USN Journal full path builder
Microsoft-Analyzer-Suite
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
airdropmsisdn
Attempts to reverse a given partial hash to a phone number (or email) given the area code. Written for python3.
malware-tools
A list of useful tools for Malware Analysis (will be updated regularly)
pymobiledevice3
Pure python3 implementation for working with iDevices (iPhone, etc.).
jekyll-theme-chirpy
A minimal, responsive, and feature-rich Jekyll theme for technical writing.
protobuf-inspector
🕵️ Tool to reverse-engineer Protocol Buffers with unknown definition
UnifiedLogReader
A parser for Unified logging tracev3 files
DFIR-Regular-Expressions
Regular Expressions List used in Digital Forensic Tasks
PySimpleGUI-4-foss
Mirror of the last GPL version of PySimpleGUI repository
Registry-Write-Block
Short scripts which use the registry to enable or disable write-blocking for removable disks
ExplorerPatcher
This project aims to enhance the working environment on Windows
Magnet-RESPONSE-PowerShell
PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.
firefox-data-store-docs
Repo containing documentation regarding Firefox data stores across all platforms