live-response

There are 1 repository under live-response topic.

tclahr / uac
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
incident-response forensics computer-forensics triage linux aix solaris macos openbsd freebsd netbsd dfir netscaler esxi live-response shell security terminal script collector
Language:Shell 706
evild3ad / MemProcFS-Analyzer
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
powershell incident-response dfir digital-forensics memprocfs memory-forensics live-response
Language:PowerShell 431
cyb3rmik3 / MDE-DFIR-Resources
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
curated-collections curated-list dfir digital-forensics digital-forensics-incident-response incident-response kql kusto kusto-query kusto-query-language live-response mde microsoft microsoft-defender-for-endpoint resources
335
evild3ad / Collect-MemoryDump
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
powershell dfir digital-forensics incident-response live-response memory-acquisition memory-forensics
Language:PowerShell 212
lawndoc / mediator
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
reverse-shell end-to-end-encryption security-tools live-response pentesting pentesting-tools socket-programming python-script reverse-shells handlers python python3 python-3 red-team red-teaming incident-response-tooling incident-response plugins plugin-system
Language:Python 97
op7ic / unix_collector
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
unix blueteam forensics freebsd linux openbsd posix script computer-forensics dfir dfir-automation live-response solaris incident-response forensics-tools security triage esxi
Language:Shell 29
21gramaz / Powershell-SIR
This is a Live Response script to help incident responders to acquire data, contain and recover.
incident-response live-response powershell-script security
Language:PowerShell 6
LazyAlpaka / ifrit
Incident Forensic Response In Terminal script for linux
dfir forensic incident-response linux live-response script shell terminal triage best-practices information-gathering information-security linux-security collection
Language:Shell 6
iidx / PSListCopy
File and file meta information collect using PowerShell in Live Response environment.
forensics live-response dfir powershell
Language:Python 3
0xThiebaut / Zipit
A Firefox extension to encrypt files downloaded through Microsoft 365 Defender's Live Response Sessions.
live-response microsoft-365-security infected zip malware
Language:TypeScript
iidx / IIS-AppHostParser
Parse IIS applicationHost.config to generate CSV file.
forensics live-response dfir iis
Language:Python

live-response

tclahr / uac

evild3ad / MemProcFS-Analyzer

cyb3rmik3 / MDE-DFIR-Resources

evild3ad / Collect-MemoryDump

lawndoc / mediator

op7ic / unix_collector

21gramaz / Powershell-SIR

LazyAlpaka / ifrit

iidx / PSListCopy

0xThiebaut / Zipit

iidx / IIS-AppHostParser