Alternatives and similar repositories for WAAD:

Users that are interested in WAAD are comparing it to the libraries listed below

• ANSSI-FR / bits_parser
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆74Updated 6 months ago
• andreafortuna / malhunt
  Hunt malware with Volatility
  ☆47Updated 8 months ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 2 years ago
• DFIR-ORC / dfir-orc-config
  Configurations for DFIR ORC
  ☆24Updated 9 months ago
• Silv3rHorn / evtx2json
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆41Updated 3 years ago
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆47Updated 3 years ago
• hpthreatresearch / tools
  Scripts and tools accompanying HP Threat Research blog posts and reports.
  ☆50Updated 9 months ago
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆25Updated 2 years ago
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 5 years ago
• jschicht / SetMace
  Manipulate timestamps on NTFS
  ☆50Updated 10 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆32Updated 2 years ago
• 00010111 / smbtimeline
  ☆32Updated 2 months ago
• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆124Updated 8 months ago
• moullos / Mitigate
  Machine Interrogation To Identify Gaps & Techniques for Execution
  ☆32Updated 2 years ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆76Updated 8 months ago
• mandiant / pulsesecure_exploitation_countermeasures
  ☆23Updated last year
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• PlumHound / PlumHound-Tasks
  Community Tasks/Plans for PlumHound Queueing
  ☆23Updated last year
• YossiSassi / hAcKtive-Directory-Forensics
  ☆49Updated last week
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆22Updated 4 months ago
• nmantani / PS-TrustedDocuments
  PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office
  ☆34Updated last year
• CrowdStrike / xwf-yara-scanner
  ☆85Updated 11 months ago
• yasser-alghamdi / winterfell-hunt
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆14Updated 4 years ago
• swimlane / PSAttck
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Updated 3 years ago
• moaistory / IE10Analyzer
  http://moaistory.blogspot.com/2016/08/ie10analyzer.html
  ☆15Updated 6 months ago
• NextronSystems / TA-aurora
  Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …
  ☆13Updated 2 years ago
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆64Updated 11 months ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago