Airbus CERT

kerberos in rust for fun and profit

A modern Python-3-based alternative to RegRipper

Powershell/Javascript deobfuscator based on tree-sitter

Detect unsafe chroot regarding NSS databases based on ebpf

Perform ADB commands in the browser

Load any Beacon Object File using Powershell!

Powershell grammar for tree-sitter

Yet Another Ghidra Integration for IDA

Time Travel Debugging IDA plugin

A wireshark plugin to instrument ETW

An IDA Plugin that help analyzing module that use COM

A rewrite of mactime, a bodyfile reader

A list of IDA Plugins

An IDA plugin to deal with Event Tracing for Windows (ETW)

Extract data of TTD trace file to a minidump

Event Trace Log file parser in pure Python

An eBPF detection program for CVE-2022-0847

Volatility plugin to deal with windows kerberos security provider, list, carve and dump Tickets

A multi-platform .Net wrapper library for the native Yara library.

The hidden mstsc recorder player

Volatility 3.0 development

Powershell Event Tracing Toolbox

Scanner for CVE-2024-4040

Trace ScriptBlock execution for powershell v2

Crawl the blockchain to retreive the domains used by a ClickFix campaign

Use YARA rules on Time Travel Debugging traces

Our website

Reproducible forensics environment, 100% of the time

A fast, minimalist and responsive hugo theme for bloggers.

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis