macOS (& ios) Artifact Parsing Tool

UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of U…

Python decompiler for 3.7-3.8 Stripped down from uncompyle6 so we can refactor and start to fix up some long-standing problems

Devirtualize Virtual Calls

External version of my class dumper tool :) no injection needed

Injected GUI (Based on ImGui) Tool for inspecting and dumping MSVC Virtual Classes

IDAPython tool for creating automatic C++ virtual tables in IDA Pro

Official x64dbg plugin for IDA Pro.

c0r0n4con talk 12 april 2020

OpenDNS Data Visualization Framework

A fast and powerful alternative to grep

An informational repo about hunting for adversaries in your IT environment.

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Log newly created WMI consumers and processes to the Windows Application event log

Binary analysis and management framework

DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text files following their DNS existence, localization or attributes.

VolatilityBot – An automated memory analyzer for malware samples and memory dumps

Sysmon configuration file template with default high-quality event tracing

Gephi - The Open Graph Viz Platform

This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/rem…

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

pefile is a Python module to read and work with PE (Portable Executable) files

Clearcut is a tool that uses machine learning to help you focus on the log entries that really need manual review

"Evolving AppCompat/AmCache data analysis beyond grep"

Perl Multithreaded Multipart sync to Amazon Glacier

A python module for reading and changing status of verisure devices through verisure app api.

🏡 Open source home automation that puts local control and privacy first.

Local and Remote Maltego Rapid Transform Development Framework