My Tools

Check all of my tools in Github 🙂

Notepad Parser
Windows Parsing

Notepad Parser

A Rust parser for Notepad TabState artifact

Fennec
Linux MacOS Triage

Fennec

fennec is an artifact collection tool written in Rust to be used during incident response on *nix based systems

Rhaegal
Windows Detection

Rhaegal

Rhaegal is a tool used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect suspicious/malicious logs

EventLogMonitor
Windows Monitor

EventLogMonitor

EventLogMonitor hooks into Windows Event Logs and displays new events as they are written to the log

winparsingtools
Windows Parsing

winparsingtools

collection of structs and utilities for parsing windows binary formats.

LNK Parser
Windows Parsing

LNK Parser

Full rust implementation to parse windows LNK files

CryptnetURLCache Parser-rs
Windows Parsing

CryptnetURLCache Parser-rs

A rust parser for CryptnetURLCache metadata files.