Martin Willing

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

evild3ad

Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR

evild3ad

Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE

evild3ad

isodump - ISO dump utility

evild3ad

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

evild3ad