timestomping

Here are 4 public repositories matching this topic...

norwytch / weeping-angel

Timestomping malware detection framework + arena with RL agent baselines, based on Doctor Who.

python golang terraform incident-response dfir sysmon ntfs sigma doctor-who blue-team mitre-attack ocsf tamper-evident threat-detection detection-engineering usn-journal timestomping whoniverse

Updated Jun 12, 2026
Python

From-scratch NTFS reader (ntfs-core: MFT, attributes, indexes, data runs, LZNT1, $UsnJrnl:$J change journal over Read+Seek) plus a graded anomaly auditor (ntfs-forensic: timestomping, alternate data streams, deleted records, MFT/LogFile tamper checks) — panic-free, fuzzed, no unsafe

rust security filesystem incident-response forensics dfir ntfs digital-forensics anti-forensics mft change-journal alternate-data-streams disk-forensics usn-journal timestomping rust-forensics

Updated Jun 12, 2026
Rust

tglagcs / Anti-Forensics

Star

🥷 PowerShell script for cleaning Windows forensic artifacts

Updated Jan 7, 2026
PowerShell

eliainnocenti / cover-your-tracks

Star

Project for Computer Forensics and Cyber Crime Analysis Exam @ Polito - An interactive forensic serious game for identifying anti-forensic techniques across filesystem, memory, and network domains.

network-forensics cybersecurity steganography digital-forensics dkom serious-game anti-forensics dns-tunneling file-carving slack-space cybersecurity-education cybersecurity-awareness icmp-exfiltration rootkit-detection process-hiding ram-analysis timestomping ntfs-attributes lsb-detection

Updated Jun 2, 2026
JavaScript

Improve this page

Add a description, image, and links to the timestomping topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the timestomping topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly