kape

This repository serves as a place for community created Targets and Modules for use with KAPE.

A repository of DFIR-related Mind Maps geared towards the visual learners!

Python 3 Script to parse out iTunes backups

A curated list of KAPE-related resources

Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.

A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.

A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools

A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. Please add a new issue if you have an idea for something to add.

Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE

A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!

Remote KAPE collection using powershell

A powershell tool that automate the remote forensic evidence adquisitions (triage) from Remote windows machines, using KAPE tool.

Archive of presentations shared with the DFIR community.

A collection of powershell scripts that are designed to be ran from a Microsoft Defender for Endpoint Live Response terminal, utilizing open-source tools, such as Kape (Kroll Artifact Parser and Extractor), to forensically acquire and process necessary artifact used in compromise assessments. Additional scripts provide pre-processing automation …

This repository serves as a place for community created SQLECmd Maps for use with SQLECmd.

ENGLISCH LERNEN · LEARN ENGLISH · APRENDER INGLÉS · APPRENDRE L'ANGLAIS

Entrepreneuriat Étudiant Européen

omniscient currencies tokens

FRANZÖSISCH LERNEN · LEARN FRENCH · APRENDER FRANCÉS · APPRENDRE LE FRANÇAIS