This repository serves as a place for community-created Targets and Modules for use with KAPE.
A repository of DFIR-related Mind Maps geared towards the visual learners!
A curated list of KAPE-related resources
Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools
Various PowerShell scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE
A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. Please add a new issue if you have an idea for something to add....
A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!
A collection of PowerShell scripts that are designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing open-source tools, such as KAPE (Kroll Artifact Parser and Extra...
A PowerShell tool that automates remote forensic evidence acquisition (triage) from remote Windows machines, using the KAPE tool.
Archive of presentations shared with the DFIR community.
Orchestration Software for Incident Response