Get-EnhancedWinEvent A PowerShell cmdlet that gets events from event logs and event tracing log files on local...
Forensics
pcapfex ‘Packet CAPture Forensic Evidence eXtractor’ is a tool that finds and extracts files from packet capture files. It was...
The ADTimeline script generates a timeline based on Active Directory replication metadata for objects considered of interest....
AutoMacTC: Automated Mac Forensic Triage Collector This is a modular forensic triage collection framework designed to access...
FLARE VM – a fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing, etc....
ATTACKdatamap A datasource assessment on an event level to show potential coverage of the “MITRE ATT&CK” framework....
ThreatIngestor An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly...
Beagle Beagle is an incident response and digital forensics tool which transforms data sources and logs into...
ExtAnalysis Browser Extension Analysis Framework With ExtAnalysis you can: Download & Analyze Extensions From: Chrome Web...
ir-rescue ir-rescue is composed of two sister scripts that collect a myriad of forensic data from 32-bit and 64-bit Windows systems (ir-rescue-win)...
AD ACL Scanner A tool written completely in PowerShell. A tool with a GUI used to create...
Logparser Logparser provides a toolkit and benchmarks for automated log parsing, which is a crucial step towards...
ee-outliers ee-outliers is a framework to detect outliers in events stored in an Elasticsearch cluster. The framework...
AutoTimeliner Automagically extract forensic timeline from volatile memory dumps. How it works AutoTimeline automates this workflow: Identify the...
Office365 Log Analysis Framework (OLAF) OLAF is a collection of tools, scripts, and analysis techniques dealing with...