
Welcome to my GitHub Profile!

Stats Card: https://github.com/anuraghazra/github-readme-stats

Streak Card: https://github.com/DenverCoder1/github-readme-streak-stats

Top Languages Card: https://github.com/anuraghazra/github-readme-stats

Current Events

Notable GitHub Repositories

Check out my repositories as I have a lot going on all the time!

My most actively maintained projects can be found here.

Forked/Updated DFIR Tools

I enjoy finding abandoned DFIR tools and projects on GitHub and performing basic updates to keep them relevant and useful to the DFIR community. Check out all the tools I've forked and updated (to varying degrees) here. If you have any ideas for tools or scripts that are long overdue for a tune-up, please let me know!

Projects That Need Updating

If you think the Forked/Updated DFIR Tools list is cool, here is a list of tool repositories that may be transferred to that list someday. Think of it as my to-do list for adding more tools to the Forked/Updated DFIR Tools list. Check out my Projects That Need Updating list here.

Side Projects

AboutDFIR

I have been a Contributor to AboutDFIR since late 2019. Be sure to check out the best DFIR resource on the planet! Let us know if you have any suggestions via the Site Feedback Form!

Digital Forensics Discord Server

Join the Digital Forensics Discord Server! Check out my beginner's guide here! Also, check out the Digital Forensics Discord Server's GitHub Organization here where there's lots of cool ongoing projects!

Books

The Hitchhiker's Guide to DFIR: Experiences From Beginners and Experts

The Digital Forensics Discord Server produced a crowdsourced book on August 15, 2022. Check it out here!

EZ Tools Manuals

Eric Zimmerman and I co-authored and published the EZ Tools Manuals on Leanpub! Check it out here!

Binary Foray

Eric Zimmerman's posts from his Binary Foray blog are now in PDF and EPUB format. Check it out here!

Andrew Rathbun's Projects

1029_crack.py

Crack the base64(sha256(username)) hash from Microsoft Event ID 1029

adsec

An introduction to Active Directory security

aft

Anti-Forensic Toolkit is a countermeasure application used for encrypted systems.

anti-forensics-vhdx

A sample VHDX file with multiple verbose examples of forensic and anti-forensic artifacts. Meant to be basic and can be expanded upon. Please open a new issue if you have an idea for something to add.

appcompatcacheparser

AppCompatCache (ShimCache) parser. Supports Windows XP, Windows 7 (x86 and x64), Windows 8.x, Windows 10, and Windows 11.

apt-hunter

APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset, that detects APT movements hidden in the sea of Windows event logs to decrease the time needed to uncover suspicious activity.

aptsimulator

A toolset to make a system look as if it was the victim of an APT attack

awesome

:computer: 🎉 An awesome & curated list of the best applications and tools for Windows.

awesome-event-ids

Collection of Event ID resources useful for Digital Forensics and Incident Response

beaconhunter

An updated fork of @3lp4tr0n's BeaconHunter. Detect and respond to Cobalt Strike beacons using ETW

binreveal

An updated fork of @MTJailed's BinReveal project, for analyzing files to find signatures or hidden files within a file

bmc-tools

An updated fork of the RDP Bitmap Cache parser, with outstanding PRs merged

bogus

:card_index: A simple fake data generator for C#, F#, and VB.NET. Based on and ported from the famed faker.js.

chainsaw

Rapidly Search and Hunt through Windows Event Logs
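The 1029_crack.py entry above describes a small but useful DFIR technique: Microsoft-Windows-TerminalServices-RDPClient/Operational Event ID 1029 records the account used for an outbound RDP connection only as base64(sha256(username)), so recovering the account name means hashing candidate usernames the same way and comparing. The following is an added example of that technique, not code from this page or from the 1029_crack.py project itself. It assumes the RDP client hashes the username as UTF-16LE (the encoding Windows uses for strings) and tries UTF-8 as a fallback; the case and DOMAIN\user expansion, the sample message, the wordlist and the CORP domain are all constructed for the demo and are not taken from a real log.

```python
import base64
import hashlib
import re
from typing import Iterable, Iterator, Optional, Tuple

# Event ID 1029 (Microsoft-Windows-TerminalServices-RDPClient/Operational)
# stores the target account as base64(sha256(username)) instead of in
# clear text. The message body has this shape (hash shown as a placeholder):
#   "Base64(SHA256(UserName)) is = <44-char base64>"
MESSAGE_RE = re.compile(r"Base64\(SHA256\(UserName\)\)\s+is\s*=\s*([A-Za-z0-9+/=]+)")

# Assumption of this example: the RDP client hashes the username as UTF-16LE
# (Windows' native string encoding). UTF-8 is tried second so an encoding
# mismatch shows up as a match under the other encoding rather than a miss.
ENCODINGS = ("utf-16le", "utf-8")


def event1029_hash(username: str, encoding: str = "utf-16le") -> str:
    """Return base64(sha256(username)) in the form Event ID 1029 records it."""
    digest = hashlib.sha256(username.encode(encoding)).digest()
    return base64.b64encode(digest).decode("ascii")


def extract_hash(message: str) -> Optional[str]:
    """Pull the base64 hash out of an Event ID 1029 message body.

    A SHA-256 digest is 32 bytes, which base64-encodes to exactly 44
    characters, so any other length is treated as a parsing error.
    """
    match = MESSAGE_RE.search(message)
    if match is None:
        return None
    value = match.group(1)
    return value if len(value) == 44 else None


def expand_candidates(names: Iterable[str], domains: Iterable[str] = ()) -> Iterator[str]:
    """Yield case variants and DOMAIN\\user forms of each wordlist entry.

    The hash covers the exact string typed into the RDP client, so
    'Administrator' and 'administrator' give different values and both
    need to be tried. Duplicates are suppressed.
    """
    seen = set()
    domains = tuple(domains)
    for name in names:
        base = name.strip()
        if not base:
            continue
        for variant in (base, base.lower(), base.upper(), base.capitalize()):
            for form in [variant] + [f"{d}\\{variant}" for d in domains]:
                if form not in seen:
                    seen.add(form)
                    yield form


def crack(target_hash: str, candidates: Iterable[str]) -> Optional[Tuple[str, str]]:
    """Return (username, encoding) for the first candidate whose hash matches."""
    for name in candidates:
        for enc in ENCODINGS:
            if event1029_hash(name, enc) == target_hash:
                return name, enc
    return None


def crack_message(message: str, candidates: Iterable[str]) -> Optional[Tuple[str, str]]:
    """Parse an Event ID 1029 message body and crack the hash it carries."""
    target = extract_hash(message)
    if target is None:
        return None
    return crack(target, candidates)


if __name__ == "__main__":
    # Constructed sample event, not a real capture: the hash is generated
    # here from 'Administrator' so the demo checks itself.
    sample = f"Base64(SHA256(UserName)) is = {event1029_hash('Administrator')}"
    wordlist = ["guest", "svc_backup", "administrator"]
    print(crack_message(sample, expand_candidates(wordlist, domains=["CORP"])))
```

In practice the wordlist comes from the accounts already known in the case (SAM/NTDS exports, 4624/4648 logon events, lateral-movement findings), and the DOMAIN\user expansion matters because the client hashes whatever the operator typed into the connection dialog, prefix included.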
