├── Changes.txt ├── Compile ├── IRTriage.ico └── Tools │ ├── Malware-Hunters │ └── Readme.txt │ ├── Misc │ ├── AnalystMsgr.au3 │ ├── AnalystMsgr.exe │ ├── AnalyzePESig-crt-x86.exe │ ├── FileScanner-crt-x86.exe │ ├── IRTriageMsgr.au3 │ ├── IRTriageMsgr.exe │ └── Readme.txt │ ├── Moonsols │ └── Readme.txt │ ├── NirSoft │ └── Readme.txt │ ├── Readme.txt │ ├── RegRipper2.8 │ └── README.md │ ├── SysinternalsSuite │ └── Readme.txt │ ├── UnixUtils │ ├── Readme.txt │ ├── cut.exe │ ├── dd.exe │ ├── grep.exe │ ├── sed.exe │ ├── sort.exe │ ├── tee.exe │ ├── tr.exe │ ├── uniq.exe │ └── wc.exe │ ├── Updater │ ├── AppsUpdates_Calculator.au3 │ ├── My_Github_Updates_Calculator.au3 │ ├── My_Github_Updates_Calculator.exe │ └── downloader.au3 │ ├── cmd.exe │ ├── fdpro.exe │ └── sleuthkit-4.2.0 │ ├── CustomCompiledNoDLLs │ ├── NEWS.txt │ ├── README-win32.txt │ ├── README.md │ ├── bin │ ├── blkcalc.exe │ ├── blkcat.exe │ ├── blkls.exe │ ├── blkstat.exe │ ├── callback-cpp-sample.exe │ ├── callback-sample.exe │ ├── fcat.exe │ ├── ffind.exe │ ├── fls.exe │ ├── fsstat.exe │ ├── hfind.exe │ ├── icat.exe │ ├── ifind.exe │ ├── ils.exe │ ├── img_cat.exe │ ├── img_stat.exe │ ├── istat.exe │ ├── jcat.exe │ ├── jls.exe │ ├── mactime.pl │ ├── mmcat.exe │ ├── mmls.exe │ ├── mmstat.exe │ ├── posix-cpp-sample.exe │ ├── posix-sample.exe │ ├── tsk_comparedir.exe │ ├── tsk_gettimes.exe │ ├── tsk_loaddb.exe │ └── tsk_recover.exe │ └── licenses │ ├── IBM-LICENSE │ └── cpl1.0.txt ├── Docs ├── Tool Comparison.xlsx ├── Triage Help.docx ├── Triage Help.pdf └── list ├── IRTriage.au3 ├── IRTriage.exe ├── IRTriage.ini ├── Readme.md ├── Test └── Readme.txt └── Update.nfo /Changes.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Changes.txt -------------------------------------------------------------------------------- /Compile/IRTriage.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/IRTriage.ico -------------------------------------------------------------------------------- /Compile/Tools/Malware-Hunters/Readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Malware-Hunters/Readme.txt -------------------------------------------------------------------------------- /Compile/Tools/Misc/AnalystMsgr.au3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Misc/AnalystMsgr.au3 -------------------------------------------------------------------------------- /Compile/Tools/Misc/AnalystMsgr.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Misc/AnalystMsgr.exe -------------------------------------------------------------------------------- /Compile/Tools/Misc/AnalyzePESig-crt-x86.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Misc/AnalyzePESig-crt-x86.exe -------------------------------------------------------------------------------- /Compile/Tools/Misc/FileScanner-crt-x86.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Misc/FileScanner-crt-x86.exe -------------------------------------------------------------------------------- /Compile/Tools/Misc/IRTriageMsgr.au3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Misc/IRTriageMsgr.au3 -------------------------------------------------------------------------------- /Compile/Tools/Misc/IRTriageMsgr.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Misc/IRTriageMsgr.exe -------------------------------------------------------------------------------- /Compile/Tools/Misc/Readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Misc/Readme.txt -------------------------------------------------------------------------------- /Compile/Tools/Moonsols/Readme.txt: -------------------------------------------------------------------------------- 1 | http://www.moonsols.com/downloads/1 2 | -------------------------------------------------------------------------------- /Compile/Tools/NirSoft/Readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/NirSoft/Readme.txt -------------------------------------------------------------------------------- /Compile/Tools/Readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Readme.txt -------------------------------------------------------------------------------- /Compile/Tools/RegRipper2.8/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/RegRipper2.8/README.md -------------------------------------------------------------------------------- /Compile/Tools/SysinternalsSuite/Readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/SysinternalsSuite/Readme.txt -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/Readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/Readme.txt -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/cut.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/cut.exe -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/dd.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/dd.exe -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/grep.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/grep.exe -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/sed.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/sed.exe -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/sort.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/sort.exe -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/tee.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/tee.exe -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/tr.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/tr.exe -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/uniq.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/uniq.exe -------------------------------------------------------------------------------- /Compile/Tools/UnixUtils/wc.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/UnixUtils/wc.exe -------------------------------------------------------------------------------- /Compile/Tools/Updater/AppsUpdates_Calculator.au3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Updater/AppsUpdates_Calculator.au3 -------------------------------------------------------------------------------- /Compile/Tools/Updater/My_Github_Updates_Calculator.au3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Updater/My_Github_Updates_Calculator.au3 -------------------------------------------------------------------------------- /Compile/Tools/Updater/My_Github_Updates_Calculator.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Updater/My_Github_Updates_Calculator.exe -------------------------------------------------------------------------------- /Compile/Tools/Updater/downloader.au3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/Updater/downloader.au3 -------------------------------------------------------------------------------- /Compile/Tools/cmd.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/cmd.exe -------------------------------------------------------------------------------- /Compile/Tools/fdpro.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/fdpro.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/CustomCompiledNoDLLs: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/NEWS.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/NEWS.txt -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/README-win32.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/README-win32.txt -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/README.md -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/blkcalc.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/blkcalc.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/blkcat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/blkcat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/blkls.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/blkls.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/blkstat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/blkstat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/callback-cpp-sample.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/callback-cpp-sample.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/callback-sample.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/callback-sample.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/fcat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/fcat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/ffind.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/ffind.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/fls.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/fls.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/fsstat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/fsstat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/hfind.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/hfind.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/icat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/icat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/ifind.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/ifind.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/ils.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/ils.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/img_cat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/img_cat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/img_stat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/img_stat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/istat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/istat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/jcat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/jcat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/jls.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/jls.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/mactime.pl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/mactime.pl -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/mmcat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/mmcat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/mmls.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/mmls.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/mmstat.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/mmstat.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/posix-cpp-sample.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/posix-cpp-sample.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/posix-sample.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/posix-sample.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/tsk_comparedir.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/tsk_comparedir.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/tsk_gettimes.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/tsk_gettimes.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/tsk_loaddb.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/tsk_loaddb.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/bin/tsk_recover.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/bin/tsk_recover.exe -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/licenses/IBM-LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/licenses/IBM-LICENSE -------------------------------------------------------------------------------- /Compile/Tools/sleuthkit-4.2.0/licenses/cpl1.0.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Compile/Tools/sleuthkit-4.2.0/licenses/cpl1.0.txt -------------------------------------------------------------------------------- /Docs/Tool Comparison.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Docs/Tool Comparison.xlsx -------------------------------------------------------------------------------- /Docs/Triage Help.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Docs/Triage Help.docx -------------------------------------------------------------------------------- /Docs/Triage Help.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Docs/Triage Help.pdf -------------------------------------------------------------------------------- /Docs/list: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Docs/list -------------------------------------------------------------------------------- /IRTriage.au3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/IRTriage.au3 -------------------------------------------------------------------------------- /IRTriage.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/IRTriage.exe -------------------------------------------------------------------------------- /IRTriage.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/IRTriage.ini -------------------------------------------------------------------------------- /Readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Readme.md -------------------------------------------------------------------------------- /Test/Readme.txt: -------------------------------------------------------------------------------- 1 | Test scripts for additional features 2 | -------------------------------------------------------------------------------- /Update.nfo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AJMartel/IRTriage/HEAD/Update.nfo --------------------------------------------------------------------------------