Parser for Windows PowerShell script block logs

The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifact validation processes as well as increase access to artifa…

Digging Deeper....

LotL RMM

Documentation site for Velociraptor

This repository serves as a place for community created Targets and Modules for use with KAPE.

Main Sigma Rule Repository

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

C# based evtx parser with lots of extras

A resource containing all the tools each ransomware gangs uses

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler…

RDP Bitmap Cache parser

This is the development tree. Production downloads are at:

The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson

Carve file metadata from NTFS index ($I30) attributes