Pinned Loading

1. GraphAudit GraphAudit Public

   GraphAudit is a security auditing tool for Microsoft Entra ID that uses the Microsoft Graph API to detect risks and misconfigurations. It analyses Service Principal and Application–related objects,…

   Python

2. OverWatch OverWatch Public

   OverWatch is a small forensics and monitoring tool designed to log command-line activity for targeted users on the Solaris 10 operating system. It operates by intercepting system calls and is inten…

   C

3. WuTamp WuTamp Public

   WuTamp is a forensic tool designed to parse corrupted `wtmpx` and `utmpx` files from Solaris hosts. Attackers may intentionally corrupt these log files, sometimes by inserting bytes at the beginnin…

   C

4. CoreTrawler CoreTrawler Public

   Coretrawler is a data forensics utility for Solaris designed to scan raw disk devices on a live host for core dump files. It can parse core files to extract information such as the process name, ex…

   C

5. WebLogHunter WebLogHunter Public

   WebLogHunter is a tool for parsing and analysing web server access logs to detect suspicious activity. It normalises logs into a standard DataFrame format for efficient querying and applies risk-sc…

   Python

6. Cabbage Cabbage Public

   Cabbage is a simple python-based wrapper designed to automate and simplify post-mortem analysis of Solaris 10 kernel crash dumps and uncover evidence of rootkits and malicious activity.

   Python