Sponsoring

@EricZimmerman

Achievements

GitHub Sponsor

Highlights

  • Pro
  • 1 discussion answered

Organizations

@Digital-Forensics-Discord-Server
AndrewRathbun/README.md

Welcome to my GitHub Profile!

Andrew Rathbun's GitHub Stats

Current Events

  • 🌱 I’m currently learning C# and PowerShell
  • 👯 I’m looking to collaborate on anything related to DFIR
  • 🤔 I’m looking for help with KAPE Targets/Modules, EvtxECmd Maps, SQLECmd Maps, RECmd Batch Files, and Registry Explorer Plugins

Notable GitHub Repositories

Side Projects

AboutDFIR

I have been a Contributor to AboutDFIR since late 2019. Check out the best DFIR resource on the planet here!

Digital Forensics Discord Server

Join the Digital Forensics Discord Server. Check out my guide here! Also, check out the Digital Forensics Discord Server's GitHub Organization here!

Pinned

  1. A repository of DFIR-related Mind Maps geared towards the visual learners!

    344 50

  2. A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

    27 2

  3. A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools

    PowerShell 20 2

  4. A curated list of KAPE-related resources

    43 6

  5. A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.

    28 3

  6. A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update.

    21 1

2,870 contributions in the last year

Contribution activity

January 2022

Created a pull request in jklepsercyber/defender-detectionhistory-parser that received 2 comments

Update README.md

Minor formatting adjustments and spelling errors

+10 −11 2 comments
33 contributions in private repositories Jan 13 – Jan 28