andrewrathbun
DFIR @ Unit 42, Admin of the Digital Forensics Discord Server, USMC Veteran, Former LE.
Funding Links: https://github.com/sponsors/AndrewRathbun
- Name: Andrew Rathbun
- Location: Michigan
- Company: Unit 42
- Kind: user
- Followers: 490
- Following: 241
- Total stars: 1806
- Repositories count: 202
- Created at: 2022-11-17T14:18:45.161Z
- Updated at: 2025-03-25T06:11:14.973Z
- Last synced at: 2025-03-25T06:11:14.972Z
GitHub Sponsors Profile
I love sharing with the community and I want to continue doing so! Any support is appreciated!
- Current Sponsors: 0
- Past Sponsors: 0
- Total Sponsors: 0
- Minimum Sponsorship: $5.00
Featured Works
AndrewRathbun/DFIRArtifactMuseum
The goal of this repo is to archive artifacts from all versions of various OS's and categorize them by type. This will help with artifact validation processes as well as increase access to artifa…
Language: HTML - Stars: 585
AndrewRathbun/KAPE-EZToolsAncillaryUpdater
A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools
Language: PowerShell - Stars: 55
AndrewRathbun/DFIRMindMaps
A repository of DFIR-related Mind Maps geared towards the visual learners!
Language: - Stars: 517
nasbench/EVTX-ETW-Resources
Event Tracing For Windows (ETW) Resources
Language: Python - Stars: 369
AndrewRathbun/VanillaWindowsReference
A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update. Use these CSVs t…
Language: - Stars: 155
AndrewRathbun/VanillaWindowsRegistryHives
A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of every Windows OS version to compare and see what's been added w…
Language: - Stars: 45
Active Sponsorships
Past Sponsorships
Sponsorship Breakdown by Kind
- User: 2