TZWorks Volume Shadow Snapshot Enumerator (vssenum)
vssenum is a command line tool that only works on Windows and its purpose is to enumerate the Volume Shadows on the host machine. The purpose of this tool was not to recreate the built in vssadmin...
TZWorks Windows Symbol Fetch Utility (sf)
sf, short for 'symbol fetcher', is a prototype tool that gives one the flexibility to retrieve Windows component symbols in the form of PDB (Program Database) files. Normally when one is debugging...
TZWorks CSV Data eXchange (csvdx)
csvdx is a prototype command-line support tool that converts delimited data (such as CSV data) into other formats. Currently csvdx supports conversion to: (a) HTML table data, (b) JSON format, and (c)...
TZWorks Disk Utility & Packer (dup)
dup is a command line tool that was designed for clients with an enterprise license to assist their incident responders in the collection of artifacts from live endpoints. Later, after all data is...
sets.py
Perform operations on sets: union, intersection, subtraction and exclusive or. A set is a list of lines in a file, or a stream of bytes in a file.
BriMor Labs Live Response Collection – Bambiraptor Build
Automated tool that collects volatile data from Windows, OSX, and *nix based operating systems
BriMor Labs Windows Live Messenger iOS parser
Zipped Perl script that attempts to parse message data from Windows Live Messenger files on iOS devices
BriMor Labs Prefetch IOC parser
Zipped Perl script that attempts to analyze Prefetch files for possible indicators of compromise
BriMor Labs buatapa
Zipped Python script that attempts to identify items of interest from a Sysinternals autoruns.csv file
Lynis
Lynis is an open source security auditing tool used by system administrators, security professionals, and auditors to evaluate the security defenses of their Linux and UNIX-based systems. It runs on...
BlackArch Linux
BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. The repository contains 1707 tools. You can install tools individually or in...
Yara
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to...
VERIS Community Database
The purpose of the VERIS Community Database is to promote data-driven decision making and evidence-based risk management in the information security community by creating a public repository of breach...
Cyber Triage
The first step in an effective first response is to ensure that you collect the right data. Unlike other commercial tools, Cyber Triage does not require an agent to be installed on a live system....