The Wayback Machine - https://web.archive.org/web/20210901073250/https://github.com/rathbuna
🏠
Working from home

Sponsoring

@EricZimmerman

Achievements

GitHub Sponsor

Highlights

  • Pro

Organizations

@Digital-Forensics-Discord-Server
rathbuna/README.md

Welcome to my GitHub Profile!

Andrew Rathbun's GitHub Stats

Current Events

  • 🔭 I’m currently working on studying for the GCIH
  • 🌱 I’m currently learning C# and PowerShell
  • 👯 I’m looking to collaborate on anything related to DFIR
  • 🤔 I’m looking for help with KAPE Targets/Modules, EvtxECmd Maps, SQLECmd Maps, RECmd Batch Files, and Registry Explorer Plugins

Notable GitHub Repositories

  • Anti-Forensics-VHDX - Check out this VHDX I put together with some basic anti-forensics techniques on display. Great for learning!
  • Awesome-KAPE - Check out this Awesome repository that centralizes all known open-source resources related to KAPE!
  • DFIRMindMaps - Check out this growing, collaborative Mind Map collection catered towards the visual learners within DFIR!
  • DFIRRegex - Check out this collection of regex that I've found useful throughout my DFIR career so far.
  • EventTranscript.db-Research - Check out the latest research on a new Windows 10/11 DFIR artifact!
  • ForensicImageKAPEOutput - Check out this repository that centralizes KAPE !EZParser output for a variety of freely available training images!
  • KAPE-EZToolsAncillaryUpdater - Check out this script I wrote to help keep your working instance of KAPE updated!

Side Projects

AboutDFIR

I have been a Contributor to AboutDFIR since late 2019. Check out the best DFIR resource on the planet here!

Digital Forensics Discord Server

Join the Digital Forensics Discord Server. Check out my guide here!

Pinned

  1. A repository of DFIR-related Mind Maps geared towards the visual learners!

    86 10

  2. A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

    20 1

  3. A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools

    PowerShell 18

  4. A curated list of KAPE-related resources

    20 3

  5. A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.

    20

  6. A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. Please add a new issue if you have an idea for something to a…

    HTML 10 2

2,349 contributions in the last year

Activity overview
Contributed to EricZimmerman/KapeFiles, EricZimmerman/evtx, EricZimmerman/SQLECmd and 5 other repositories
