ANSSI-FR / DECODELinks
Malware detection tool for Windows PE files based on DFIR ORC data
☆9Updated 2 months ago
Alternatives and similar repositories for DECODE
Users that are interested in DECODE are comparing it to the libraries listed below
Sorting:
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆76Updated this week
- Elastic Security Labs releases☆76Updated 2 weeks ago
- The core backend server handling API requests and task management☆43Updated 3 weeks ago
- Linux #rootkit and #malware revealer☆26Updated 11 months ago
- Rules Shared by the Community from 100 Days of YARA 2023☆77Updated 2 years ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆115Updated last year
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…☆69Updated this week
- A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea…☆96Updated last year
- File analysis and management framework.☆88Updated last year
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆64Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance☆102Updated 3 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆82Updated last month
- Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…☆26Updated 2 months ago
- LOKI2 - Simple IOC and YARA Scanner☆97Updated 2 weeks ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆67Updated last month
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.☆57Updated last month
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated 3 weeks ago
- The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically foc…☆50Updated last year
- ☆22Updated 2 years ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆105Updated this week
- Collection of rules created using YARA-Signator over Malpedia☆132Updated 8 months ago
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆82Updated 6 months ago
- BlackBerry Threat Research & Intelligence☆98Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆151Updated 9 months ago
- Digital Forensics Artifacts Knowledge Base☆83Updated last year
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 6 months ago
- Yet Another Memory Analyzer for malware detection☆186Updated 3 months ago
- Carve file metadata from NTFS index ($I30) attributes☆66Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- Forensic Artifact Collection Tool Matrix☆85Updated 8 months ago