Random Python snippets for reference

DFIR IoC Unit Testing

Powershell wrapper for live memory capture using Winpmem

A collection of small scripts and howto's that where create at one point to solve a certain issue

python framework to parse logs for IR

overview and summation of digital forensics and incident response topic.

DFIR Lab in AWS

This repository contains Dockerfile for the remnux-sift Docker image published in the Docker Hub: https://hub.docker.com/r/yara0/remnux-sift

Azure Resource Graph Helper. Enumerate Azure Resources via Resource Graph to CSV

Criação de novos módulos para a ferramenta forense KAPE.

🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS through playbook automation and seamless integrations. Easily extensible and in active development. Join us in building a tool geared towards enhancing security efficiency!

An updated fork of @moaistory's WinSearchDBAnalyzer project

A collection of spooky scripts that demonstrate the potential of Large Language Models (LLMs) to support CySec tasks.

My collection of write-ups on Cyber Defender Labs provides detailed solutions to various DFIR lab challenges. Each write-up breaks down the steps, tools, and techniques used to approach and resolve each lab, serving as a resource for anyone interested in advancing their skills in cyber defense.

An updated fork of @ignacioj's WMIParserStr project

Ansible role to setup GRR Rapid Response

Free Antivirus for S3 Buckets

Invoke-LiveResponse

A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber

🔬 Jupyter notebook to help automate some of the forensic analysis related to Citrix Netscalers compromised via CVE-2019-19781