Alternatives and similar repositories for DECODE

Users that are interested in DECODE are comparing it to the libraries listed below

• mnrkbys / fjta
  FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…
  ☆103Updated 3 weeks ago
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆278Updated last week
• openrelik / openrelik-server
  The backend server handling API requests and task management
  ☆55Updated this week
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆151Updated last year
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆117Updated 3 weeks ago
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆55Updated 2 years ago
• netskopeoss / NetskopeThreatLabsIOCs
  ☆152Updated 3 months ago
• Neo23x0 / YARA-Performance-Guidelines
  A guide on how to write fast and memory friendly YARA rules
  ☆164Updated 11 months ago
• Neo23x0 / YARA-Style-Guide
  A specification and style guide for YARA rules
  ☆66Updated last year
• 100DaysofYARA / 2024
  Rules shared by the community from 100 Days of YARA 2024
  ☆89Updated last year
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆109Updated 2 weeks ago
• elastic / labs-releases
  Elastic Security Labs releases
  ☆84Updated 2 months ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆108Updated last year
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• dwmetz / MalChela
  A YARA & Malware Analysis Toolkit written in Rust.
  ☆92Updated this week
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆180Updated 8 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 7 months ago
• linuxartifactparser / LAP
  ☆57Updated last month
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆110Updated 3 weeks ago
• blueteam0ps / AllthingsTimesketch
  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
  ☆118Updated 2 years ago
• lxndrblz / forensicsim
  A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea…
  ☆115Updated 3 weeks ago
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆38Updated last month
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆196Updated this week
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆263Updated 2 years ago
• CERT-SYNETIS / PyTriage
  Outil de triage automatisé de différents types de collectes d'artefacts.
  ☆17Updated 2 months ago
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆149Updated 3 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆162Updated 10 months ago
• LDO-CERT / orochi
  The Volatility Collaborative GUI
  ☆266Updated this week
• MagnetForensics / dumpit-linux
  Memory acquisition for Linux that makes sense.
  ☆219Updated 2 years ago
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆89Updated last year