Stars
React app for inspecting, building and debugging with the Realtime API
This is the official source code of FreeCAD, a free and open-source multiplatform 3D parametric modeler.
This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.
This repository contains Community and Field contributed content for LogScale
Ghidra is a software reverse engineering (SRE) framework
JA3 is a standard for creating SSL client fingerprints in an easy-to-produce and shareable way.
Framework for Man-In-The-Middle attacks
A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses
An open standard for hashing network flows into identifiers, a.k.a. "Community IDs".
A network sniffer that logs all DNS server replies for use in a passive DNS setup
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
ATT&CK Remote Threat Hunting Incident Response
Repository of the presentations that I have given and released.
Automatically exported from code.google.com/p/l2t-tools
Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science
A python script developed to process Windows memory images based on triage type.
A repository of DFIR-related Mind Maps geared towards the visual learners!
A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools
A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit