Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Awesome-KAPE
A curated list of KAPE-related resources
https://github.com/AndrewRathbun/Awesome-KAPE
Last synced: about 13 hours ago
JSON representation
-
Tool-Related GitHub Repos
-
KAPE
- KapeFiles - This repository contains all the Targets and Modules utilized by KAPE to collect and process forensic artifacts
- KapeDocs - This repository serves as the backend for KAPE's Official Documentation, linked [here](https://ericzimmerman.github.io/KapeDocs/)
- CyberPipe
- DFRWS-2019-KAPE-Workshop
- ForensicImageKAPEOutput
- Get-KapeModuleBinaries
- Get-MiniTimeline
- Heed
- Invoke-Forensics
- Invoke-Kape
- IRCP
- iTunes_Backup_Reader
- Kape2ADX
- kape-at-scale
- KAPE-Automation
- KAPE-Binary-Downloads
- kape-remote-collections
- KAPE_Tools
- KAPEConfigurationFIles
- KapeMisc
- KapeStrike
- RemoteKapeTriage
- KapeFiles GitHub Project
- kape_info.py
-
EZ Tools
- AmcacheParser
- AppCompatCacheParser
- bstrings
- EvtxECmd
- JLECmd
- LECmd
- MFTECmd
- PECmd
- RBCmd
- RecentFileCacheParser
- RECmd
- RegistryPlugins
- SQLECmd
- SrumECmd
- SumECmd
- WxTCmd
- Eric Zimmerman's Tools
- Eric Zimmerman - authored EZ Tools Manuals on Leanpub. You can find the book [here](https://leanpub.com/eztoolsmanuals)!
- Maps
- EvtxECmd GitHub Project
- BatchExamples
- RECmd Kroll Batch GitHub Project
- Registry Explorer Plugins GitHub Project
- Registry Explorer Bookmarks GitHub Project
- Maps
- SQLECmd GitHub Project
-
-
Updating KAPE and EZ Tools
-
EZ Tools
- KAPE-EZToolsAncillaryUpdater - Keep KAPE and all tools located within `.\KAPE\Modules\bin\*` updated with a single PowerShell script!
-
-
Official KAPE Links
- Download KAPE - Be sure to submit the form with ad blocking (and similar) extensions disabled for successful form submission. Alternatively, submit the form in an Incognito/Private window
- KAPE Enterprise License
- KAPE Quarterly Update – Q1 2021
- KAPE Quarterly Update – Q2 2021
- KAPE Quarterly Update – Q3 2021
- KAPE Quarterly Update - Q1 2022
- KAPE Quarterly Update - Q2 2022
- KAPE Quarterly Update - Q3 2022
- KAPE Quarterly Update - Q4 2022
- KAPE Quarterly Update - Q1 2023
- KAPE Quarterly Update - Q2 2023
- KAPE Quarterly Update - Q3 2023
- KapeTriage MindMap for DFIR Practitioners
- Kroll Artifact Parser and Extractor (KAPE) Official Demo
- KAPE Quarterly Update – Q4 2021
- KAPE Quarterly Update - Q4 2023
- KAPE Quarterly Update – Q1 2021
- KAPE Quarterly Update – Q2 2021
- KAPE Quarterly Update – Q3 2021
-
Resources
-
Blog Posts/Guides
- AboutDFIR's KAPE Guide
- Adding RAM Collections to KAPE Triage
- Forensically Unpacking EventTranscript.db: An Investigative Series
- Parsing EventTranscript.db With KAPE and SQLECmd
- KAPE at Scale
- KAPE batch mode, ARM Memory, updates to CSIRT-Collect, and all the things I learned along the way.
- Remote collection of Windows Forensic Artifacts using KAPE and Microsoft Defender for Endpoint.
- SOF-ELK and Integration with KAPE
- Exploring KAPE’s Graphical User Interface in v0.8.2.0
-
-
Mind Maps
-
Blog Posts/Guides
-
-
SANS Poster
-
Blog Posts/Guides
-
YouTube Videos
- A Guide to Eric Zimmerman's command line tools (EZ Tools)
- Behind The Incident Eric Zimmerman
- Child Exploitation Investigation – Express Analysis with KAPE
- Computer Forensics Tools | Kroll Artifact Parser and Extractor | TryHackMe KAPE
- Conducting Efficient Insider Threat Investigations using KAPE
- Enabling KAPE at Scale
- Enhancing Event Log Analysis with EvtxEcmd using KAPE
- Episode 80: Learning about the KAPE tool.
- Episode 81: Understanding and Using KAPE Target Files
- Episode 86: Reviewing the Output Created by KAPE
- Episode 82: Understanding and Using KAPE Module Files
- Episode 83: Explaining the KAPE GUI Version -Target Side
- Episode 84: Explaining the KAPE GUI Version - Module Side
- Episode 85: Running KAPE through the GUI Version
- Episode 87: Introducing and Using Timeline Explorer
- Episode 88: Comparing EZViewer to Other Free File Viewers
- Episode 89: Finding Forensic Badness in 3 Minutes or Less
- EZ Tools/KAPE: How to Contribute to and Benefit from Open Source Contributions
- How to Use KAPE and SQLECmd with EventTranscript.db
- Introduction to KAPE
- KAPE + EZ Tools and Beyond - OSDFCon 2019 - Eric Zimmerman
- Triage Collection and Timeline Analysis with KAPE
- A Guide to Eric Zimmerman's command line tools (EZ Tools)
- Episode 85: Running KAPE through the GUI Version
- Behind The Incident Eric Zimmerman
- Child Exploitation Investigation – Express Analysis with KAPE
- Computer Forensics Tools | Kroll Artifact Parser and Extractor | TryHackMe KAPE
- Conducting Efficient Insider Threat Investigations using KAPE
- Enabling KAPE at Scale
- Enhancing Event Log Analysis with EvtxEcmd using KAPE
- Episode 80: Learning about the KAPE tool.
- Episode 81: Understanding and Using KAPE Target Files
- Episode 82: Understanding and Using KAPE Module Files
- Episode 83: Explaining the KAPE GUI Version -Target Side
- Episode 84: Explaining the KAPE GUI Version - Module Side
- Episode 86: Reviewing the Output Created by KAPE
- Episode 87: Introducing and Using Timeline Explorer
- Episode 88: Comparing EZViewer to Other Free File Viewers
- Episode 89: Finding Forensic Badness in 3 Minutes or Less
- How to Use KAPE and SQLECmd with EventTranscript.db
- Introduction to KAPE
- KAPE + EZ Tools and Beyond - OSDFCon 2019 - Eric Zimmerman
- Triage Collection and Timeline Analysis with KAPE
-
Categories
Sub Categories
Keywords
kape
8
dfir
5
forensics
5
triage
2
digitalforensics
2
incident-response
2
powershell-script
2
powershell
2
itunes
1
ios
1
backups
1
regripper
1
powershell-scripts
1
timeline
1
digital-forensics
1
training
1
csv
1
kroll
1
eztools
1
ntfs
1
mft
1
windows
1
evtx
1
eventlog
1
event
1
threathunting
1
information-security
1
information-gathering
1
forensic-analysis
1
cybersecurity
1
digital-forensics-incident-response
1
mobile
1
itunes-backups
1
gkape
1