Alternatives and similar repositories for WAAD

Users that are interested in WAAD are comparing it to the libraries listed below

• ANSSI-FR / bits_parser
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆75Updated 8 months ago
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆28Updated 2 years ago
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 4 years ago
• jschicht / SetMace
  Manipulate timestamps on NTFS
  ☆53Updated 11 years ago
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆49Updated 4 years ago
• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆132Updated last year
• airbus-cert / Splunk-ETW
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Updated 5 years ago
• NextronSystems / nextron-helper-scripts
  Public tools, scripts or code snippets that can help when working with our products
  ☆46Updated 6 months ago
• yasser-alghamdi / winterfell-collection
  Winterfell is a group of windows batch scripts to collect Windows forensics data and perform efficient, and fast incident response and th…
  ☆52Updated 5 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 4 years ago
• mandiant / goauditparser
  ☆46Updated 2 years ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 3 years ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆97Updated 2 years ago
• Silv3rHorn / evtx2json
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆42Updated 4 years ago
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 6 years ago
• NextronSystems / valhallaAPI
  Valhalla API Client
  ☆70Updated 2 years ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 10 years ago
• nmantani / PS-TrustedDocuments
  PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office
  ☆35Updated 2 years ago
• cmdaltr / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆32Updated last month
• Beercow / SEPparser
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆64Updated 2 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 7 months ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated last year
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 5 years ago
• moullos / Mitigate
  Machine Interrogation To Identify Gaps & Techniques for Execution
  ☆32Updated 3 years ago
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆60Updated last year
• rj-chap / BaselineTraining
  Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk
  ☆12Updated 6 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆107Updated last year
• brimorlabs / rdpieces
  The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images
  ☆84Updated 2 years ago
• Neo23x0 / xorex
  XOR Key Extractor
  ☆50Updated last year