Alternatives and similar repositories for Windows-Registry-Analysis-Cheat-Sheet:

Users that are interested in Windows-Registry-Analysis-Cheat-Sheet are comparing it to the libraries listed below

• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆178Updated last year
• gtworek / VolatileDataCollector
  ☆199Updated 3 months ago
• dodo-sec / Malware-Analysis
  ☆132Updated last year
• archcloudlabs / HackSpaceCon_Malware_Analysis_Course
  Free training course offered at Hack Space Con 2023
  ☆137Updated last year
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆151Updated 9 months ago
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆125Updated 7 months ago
• LOLAPPS-Project / LOLAPPS
  LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.
  ☆180Updated this week
• secure-cake / win-mal-investigations
  Windows Malware Investigation Scripts & Docs
  ☆74Updated 3 months ago
• LuemmelSec / Client-Checker
  ☆173Updated 2 months ago
• Azr43lKn1ght / DFIR-LABS
  DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital For…
  ☆174Updated 3 weeks ago
• reveng007 / Learning-EDR-and-EDR_Evasion
  I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning …
  ☆269Updated last year
• BushidoUK / Ransomware-Vulnerability-Matrix
  A collection of CVEs weaponized by ransomware operators
  ☆104Updated last month
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆99Updated 5 months ago
• dahvidschloss / CRASH
  Completely Risky Active-Directory Simulation Hub
  ☆99Updated last year
• mthcht / Purpleteam
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆177Updated 2 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆118Updated 10 months ago
• Psmths / windows-forensic-artifacts
  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
  ☆320Updated 6 months ago
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆146Updated 5 months ago
• ine-labs / ThreatSeeker
  ThreatSeeker: Threat Hunting via Windows Event Logs
  ☆118Updated last year
• jsecurity101 / TelemetrySource
  ☆232Updated 9 months ago
• vm32 / Digital-Forensics-Script-for-Linux
  Advanced Bash script designed for conducting digital forensics on Linux systems
  ☆138Updated 10 months ago
• LETHAL-FORENSICS / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆225Updated this week
• dfir-dd / dfir-toolkit
  CLI tools for forensic investigation of Windows artifacts
  ☆325Updated 3 months ago
• dbissell6 / DFIR
  This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools.
  ☆63Updated this week
• jsecurity101 / JonMon
  ☆206Updated 3 weeks ago
• itaymigdal / LOLSpoof
  An interactive shell to spoof some LOLBins command line
  ☆182Updated last year
• RussianPanda95 / Yara-Rules
  Repository of Yara Rules
  ☆100Updated this week
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆88Updated 2 months ago
• An0nUD4Y / AV-EDR-Lab-Environment-Setup
  AV/EDR Lab environment setup references to help in Malware development
  ☆364Updated this week
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆152Updated last year