A repository hosting example goodware evtx logs containing sample software installation and basic user interaction

Generic Signature Format for SIEM Systems

A comprehensive collection of cybersecurity information sources, news providers, and security resources.

Syncthing Windows Setup

Utility to convert JSON data (for content you own) from 5etools or pf2etools into Obsidian-friendly Markdown.

Takajō (鷹匠) is a Hayabusa results analyzer.

FUSE driver for APFS (Apple File System)

Converts Sigma detection rules to a Splunk alert configuration.

An opensource sigma conversion tool built using pysigma

Firefox extension for managing tabs and bookmarks in sidebar.

A framework for developing alerting and detection strategies for incident response.

MAL-CL (Malicious Command-Line)

Removes large or troublesome blobs like git-filter-branch does, but faster. And written in Scala

ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles

Volatility 3.0 development

Here is my Wireshark Profiles repository. These ZIP files contain profiles that can be added to your Wireshark configuration to speed up troubleshooting and packet analysis in Wireshark. Please sup…

The pattern matching swiss knife

C# based evtx parser with lots of extras

Lnk Explorer Command line edition!!

Automatic and Custom Destinations jump list parser with Windows 10 support

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Harness the power of Splunk for your investigations

Plugin folder required to use my templates with Proxyshop

Play your favorite games in a borderless window; no more time consuming alt-tabs.