By: | 134,013 downloads | Last Updated: 1/30/2016 | Latest Version: 1.1.1

A Digital Forensics framework for Windows PowerShell.

By: | 41,334 downloads | Last Updated: 6/30/2024 | Latest Version: 1.16.1

This module tries to enumerate all the persistence techniques implanted on a compromised machine.

By: | 7,316 downloads | Last Updated: 1/30/2016 | Latest Version: 1.1.1

A Digital Forensics framework for Windows PowerShell.

By: | 4,020 downloads | Last Updated: 5/13/2017 | Latest Version: 0.6.0.0

CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows. CIM/WMI obviates the need for the installation of a host-based agent. The WMI service is running by default on all versions of Windows.

By: | 2,789 downloads | Last Updated: 2/18/2016 | Latest Version: 1.1.1

A Digital Forensics framework for Windows PowerShell.

By: | 1,292 downloads | Last Updated: 12/8/2021 | Latest Version: 1.6.1

A cloud forensics module to run threat hunting playbooks on data from Azure and O365.

By: | 34 downloads | Last Updated: 11/15/2024 | Latest Version: 2.0.4

The DFIR-O365RC module will extract logs from the unified audit log (using Exchange Online and Purview), Entra ID Sign In logs, Entra ID Audit Logs, Azure Monitor and Azure DevOps activity logs.