VOOZH

URL: https://github.com/topics/kape

⇱ kape · GitHub Topics · GitHub

#

kape

Here are 25 public repositories matching this topic...

EricZimmerman / KapeFiles

This repository serves as a place for community created Targets and Modules for use with KAPE.

triage kape gkape

Updated

AndrewRathbun / DFIRMindMaps

A repository of DFIR-related Mind Maps geared towards the visual learners!

mindmaps dfir rdp ntfs tcpdump kape digitalforensics eztools

Updated

jfarley248 / iTunes_Backup_Reader

Python 3 Script to parse out iTunes backups

backups ios mobile itunes forensics dfir kape itunes-backups

Updated
Python

AndrewRathbun / Awesome-KAPE

A curated list of KAPE-related resources

awesome dfir awesome-list kape digitalforensics eztools

Updated

swisscom / Invoke-Forensics

Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.

forensics powershell-scripts regripper kape

Updated
PowerShell

AndrewRathbun / DFIRRegex

A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.

regex dfir grep kape digitalforensics eztools

Updated

AndrewRathbun / KAPE-EZToolsAncillaryUpdater

A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools

powershell dfir powershell-script kape digitalforensics eztools

Updated
PowerShell

AndrewRathbun / DFIRPowerShellScripts

Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!

powershell incident-response dfir kape computerforensics digitalforensics eztools

Updated
PowerShell

AndrewRathbun / EventTranscript.db-Research

A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

dfir windows10 research-and-development kape digitalforensics windows11 eztools

Updated

evild3ad / Get-MiniTimeline

Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE

timeline powershell incident-response dfir digital-forensics kape

Updated
PowerShell

AndrewRathbun / Anti-Forensics-VHDX

A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. Please add a new issue if you have an idea for something to add.

dfir antiforensics kape computerforensics digitalforensics

Updated
HTML

AndrewRathbun / ForensicImageKAPEOutput

A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!

training csv dfir kape digitalforensics

Updated

dwmetz / Presentations

DFIR Presentations

powershell memory malware dfir malware-analysis yara triage kape

Updated

maxspl / OSIR

Orchestration Software for Incident Response

windows linux incident-response orchestration forensics dfir triage kape dfir-automation dfir-orc

Updated
Python

SAP-archive / forensic-artifact-automation

A collection of powershell scripts that are designed to be ran from a Microsoft Defender for Endpoint Live Response terminal, utilizing open-source tools, such as Kape (Kroll Artifact Parser and Extractor), to forensically acquire and process necessary artifact used in compromise assessments. Additional scripts provide pre-processing automation …

microsoft aws for powershell live dfir response defender endpoint kape

Updated
PowerShell

Richard1611 / RemoteKapeTriage

A powershell tool that automate the remote forensic evidence adquisitions (triage) from Remote windows machines, using KAPE tool.

powershell incident-response forensics cybersecurity information-security powershell-script triage forensic-analysis information-gathering threathunting kape

Updated
PowerShell

keyboardcrunch / Invoke-Kape

Remote KAPE collection using powershell

forensics dfir kape

Updated
PowerShell

AndrewRathbun / Sync-EZTools

A short, focused PowerShell script to automate ensuring that all instances of EZ Tools in a given path have updated ancillary files

powershell dfir kape digitalforensics eztools

Updated
PowerShell

AndrewRathbun / SQLECmd

This repository serves as a place for community created SQLECmd Maps for use with SQLECmd.

sqlite dfir kape digitalforensics eztools

Updated
C#

0x0allenace / velociraptor-forensic-triage-kape

A DFIR lab demonstrating rapid forensic triage and artifact collection using Velociraptor and KAPE in response to a Mimikatz alert.

incident-response dfir cybersecurity threat-hunting digital-forensics forensic-analysis blue-team kape velociraptor endpoint-forensics

Updated

Improve this page

Add a description, image, and links to the kape topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the kape topic, visit your repo's landing page and select "manage topics."

You can’t perform that action at this time.