Stars
Logging Made Easy (LME) is a no cost, open source platform that centralizes log collection, enhances threat detection, and enables real-time alerting, helping small to medium-sized organizations s…
PowerShell-based Automation of Defender for Endpoint
This repository is for development of the Azure MCP Server, bringing the power of Azure to your agents.
This repo hosts an MCP server for volatility3.x
The SOLVE-IT knowledge base for digital forensics
The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect malicious behavior
A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters to share knowledge, collaborate on techniques, and advance t…
Extract files from Apple devices on Windows, Linux and MacOS. Mostly a wrapper for pymobiledevice3. Creates iTunes-style backups and "advanced logical backups"
Dump quarantine files from Defender. There are several tools like this, however I wanted one for my specific use case; Defender quarantine files are not in an expected file path due to a mounted dr…
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Open Keylogger Hardware Implant - USB & PS2 Keyboards
A simple USB sniffer based on Raspberry PI PICO RP2040 (pico-sdk)
FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates timelines, and detects suspicious activities.
Collection of different Azure/Entra focused solutions (Deployable templates, Function Apps, etc)
rga: ripgrep, but also search in PDFs, E-Books, Office documents, zip, tar.gz, etc.
It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and adds scanners for record carving
A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.
USB Army Knife – the ultimate close access tool for penetration testers and red teamers.
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
variar / klogg
Forked from nickbnf/glogg
Really fast log explorer based on the glogg project
A zero dependency and customizable Python library for scanning Windows and Linux process memory.
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.