Skip to content
@fox-it

Fox-IT

Part of NCC Group

Popular repositories Loading

  1. dissect dissect Public

    Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (pa…

    957 71

  2. aclpwn.py aclpwn.py Public

    Active Directory ACL exploitation with BloodHound

    Python 716 108

  3. Invoke-ACLPwn Invoke-ACLPwn Public

    PowerShell 518 87

  4. log4j-finder log4j-finder Public

    Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

    Python 435 95

  5. cve-2019-1040-scanner cve-2019-1040-scanner Public

    Python 293 56

  6. dissect.cstruct_legacy dissect.cstruct_legacy Public

    A no-nonsense c-like structure parsing library for Python

    Python 238 24

Repositories

Showing 10 of 85 repositories
  • acquire Public

    acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.

    fox-it/acquire’s past year of commit activity
    Python 94 AGPL-3.0 30 33 (7 issues need help) 3 Updated Feb 27, 2025
  • dissect.target Public

    The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets).

    fox-it/dissect.target’s past year of commit activity
    Python 51 AGPL-3.0 53 118 (1 issue needs help) 20 Updated Feb 27, 2025
  • dissect.cstruct Public

    A Dissect module implementing a parser for C-like structures.

    fox-it/dissect.cstruct’s past year of commit activity
    Python 43 Apache-2.0 18 7 (1 issue needs help) 4 Updated Feb 26, 2025
  • dissect-add-on-for-splunk Public

    A splunk plugin that provides sourcetyping for ingestion and processing of dissect records

    fox-it/dissect-add-on-for-splunk’s past year of commit activity
    2 AGPL-3.0 1 0 0 Updated Feb 20, 2025
  • flow.record Public

    Recordization library

    fox-it/flow.record’s past year of commit activity
    Python 7 AGPL-3.0 11 5 2 Updated Feb 20, 2025
  • dissect.etl Public

    A Dissect module implementing a parser for Event Trace Log (ETL) files, used by the Windows operating system to log kernel events.

    fox-it/dissect.etl’s past year of commit activity
    Python 2 AGPL-3.0 3 3 0 Updated Feb 19, 2025
  • dissect.cim Public

    A Dissect module implementing a parser for the Windows Common Information Model (CIM) database, used in the Windows operating system.

    fox-it/dissect.cim’s past year of commit activity
    Python 5 AGPL-3.0 5 1 0 Updated Feb 19, 2025
  • dissect-docs Public

    Dissect documentation project

    fox-it/dissect-docs’s past year of commit activity
    7 AGPL-3.0 7 1 1 Updated Feb 18, 2025
  • dissect.shellitem Public

    A Dissect module implementing a parser for the Shellitem structures, commonly used by Microsoft Windows.

    fox-it/dissect.shellitem’s past year of commit activity
    Python 2 AGPL-3.0 3 1 0 Updated Feb 18, 2025
  • dissect.eventlog Public

    A Dissect module implementing parsers for the Windows EVT, EVTX and WEVT log file formats.

    fox-it/dissect.eventlog’s past year of commit activity
    Python 6 AGPL-3.0 3 4 0 Updated Feb 18, 2025
View all repositories