Digital Sleuth's Projects
MAT Salt States
Parse Manifest.mbdb files from iTunes backup directories
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
A parser for the MFT (Master File Table) format
$MFT directory tree reconstruction & FILE record info
$MFT Record Viewer
Carve files for MFT entries (e.g. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if resident. It will also parse half-broken entries as long as at least one $FN entry is OK.
Project to quickly migrate from a pfSense firewall to OPNSense with ease
The Mobile App Pentest cheat sheet was created to provide a concise collection of high-value information on specific mobile application penetration testing topics.
Scripts developed to help in mobile forensics investigations
An updated version of the Didier Stevens Network Appliance Forensic Toolkit
Don't know what type of hash it is? Name That Hash will name that hash type!
A script for parsing Reddit and Twitter for ETH addresses during an NFT Giveaway
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
NSIS Reversing Suite with IDA Plugins
Active Directory forensic framework
Viewing NTFS alternate streams in files
Parses ntlmssp netlm[v2] hashes out of a pcap file for use with a password cracker.
Extract embedded files and macros from office documents.
OpenLV helps first responders quickly and safely interact with potential evidence much as if they sat down and interacted with a suspect PC
Full resolution images of the O RLY book covers made by The Practical Dev
The Volatility Collaborative GUI
OSINT Framework
Parse the Mac Quicklook index.sqlite database
Windows Templates for Packer: Win10, Server 2016, 1709, 1803, 1809, 2019, 1903, 1909, 2004, Insider with Docker
Python script to create an object flow of PDF data input from pdf-parser
Powerful Python tool to analyze PDF documents
A Python 3 upgrade to Peepdf
pefile is a Python module to read and work with PE (Portable Executable) files
PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.