Projects
Here are some personal and professional projects I created and/or contribute to.
SMS Backup and Restore Parser (Go): Parses XML output from the SMS Backup & Restore Android app.
BUP Summary (Python): Gathers summary details from multiple McAfee BUP files. In other words, "unbup all the things, but just get some data."
Simple EXIF Reader (C#, WinForms): This is an image/movie metadata reader that provides a simplistic GUI interface to the MetadataExtractor .NET library. It features a one-click link to Google Maps for embedded location data.
macOS triage (Python): macOS triage is a Python script to collect various macOS logs, artifacts, and other data.
Google Analytics Domain Hash Calculator (C#, WinForms): Calculates the Google Analytics domain hash given a domain name and provides a simple GUI for ease of use (but is only good for calculating one at a time).
gadhash (C++, Boost): Calculates Google Analytics domain hash given domain(s). This is the more robust and faster CLI counterpart to the Google Analytics Domain Hash Calculator. I also posted a "rainbow table" of hashed domains in this repository using the Cisco Umbrella Popularity List (top 1 million domains).
annotationis: This is a central repository I use for storing notes and documentation on various OS internals and DFIR knowledge.
Log2ELK (Python, wxPython, Elasticsearch): CLOSED SOURCE // Intellectual property of KPMG LLP // Parses Windows event logs and ingests parsed data into Elasticsearch. Saved searches for Kibana were also created by our team to automate common searches for lateral movement, pass-the-hash activity, failed logons, antivirus events, etc. This is a standalone tool that our team continues to maintain, and this functionality has also been incorporated into KPMG Digital Responder (KDR).
KPMG Digital Responder (KDR) (Python, wxPython, Elasticsearch, C, C++, PowerShell, JavaScript, D3): CLOSED SOURCE // Intellectual property of KPMG LLP // Automated digital forensic collection tool, multi-threaded parsing engine, and reporting.