Dump of organized knowledge on DFIR

an open source ransomware honeypot

Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries

Set of utilities for getting information about Windows Events

Resources for HFS+ Forensics

📫 The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365

Indicators of Compromises (IOC) of our various investigations

Pure Python parser for Windows Event Log files (.evtx)

A post-exploitation powershell tool for extracting juicy info from memory.

Personal repository for all ctf related stuffs

PowerShell for every system!

🏴 Collection of CTF solutions

Competition Writeups

Contains all ctf scripts

An informational repo about hunting for adversaries in your IT environment.

PowerForensics provides an all in one platform for live disk forensic analysis

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to invest…

PowerShell module to import/export Excel spreadsheets, without Excel

Microsoft Azure PowerShell

PowerSploit - A PowerShell Post-Exploitation Framework

Detects DLL hijacking in running processes on Windows systems

Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results

A collection of cheatsheets for various infosec tools and topics.

An advanced memory forensics framework

GRR Rapid Response: remote live forensics for incident response

Customizable Windows terminal with tabs, splits, quake-style, hotkeys and more