Collection of Incident Response scripts.
# Scripts #
- bhistory.py - Parse Firefox or Chrome browser history.
- ipquery.py - Query VT for information on an IP address.
- ipinfo.py - Get information about an IP address.
- gsbcheck.py - Query Google SafeBrowse for a URL.
- fglookup.py - Check FortiGuard Rep or Blacklist.
- dridex-xml.py - Extract compressed Dridex document from xml file.
- alienspy-decrypt - Extract AlienSpy Properties (config.xml) or the packed jar file.
- hawkeye-decrypt.ps1 - Configuration decryptor for Hawkeye/GolRoted Key Logger.