🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Volatility 3.0 development

Plaso Log2timeline automation script for easier OS forensics timeline analyze

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Examine, create and interact with remote objects in other .NET processes.

Cybersecurity Notes For Intermediate and Advanced Hackers | CEH Exam Prep Also Included

UNIX-like reverse engineering framework and command-line toolset

Programs and or walkthroughs relating to PicoCTF (https://picoctf.org/)

Tabroom.com Legacy Perl/Mason Code

Provides various Windows Server Active Directory (AD) security-focused reports.

Awesome collection of resources 😎 Work in progress🔥

Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

Metadata Viewer is a simple program that allows you to extract metadata from images.

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools.

Collaborative forensic timeline analysis

A tool that provides elastic and rapid filtering for efficient analysis of huge CSV files, such as eventlogs.

An encrypted and anti-forensic web chat server