Alternatives and similar repositories for salt-malware-sources

Users that are interested in salt-malware-sources are comparing it to the libraries listed below

• cado-security / AWS_EKS_Cluster_Forensics
  AWS EKS Cluster Forensics
  ☆23Updated 4 years ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆38Updated 4 years ago
• swimlane / CLAW
  A packer utility to create and capture DFIR Image for use AWS & Azure
  ☆15Updated 6 years ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆133Updated 3 years ago
• redcanaryco / vscode-attack
  Visual Studio Code extension for MITRE ATT&CK
  ☆55Updated last year
• 3CORESec / Trapdoor
  Serverless honeytoken 🕵🏻‍♂️
  ☆81Updated 2 years ago
• magoo / Vault-for-Incident-Responders
  Things to know when DFIR occurs near a vault deployment.
  ☆44Updated 7 years ago
• r00tten / VTI-Cosplay
  Low budget VirusTotal Intelligence Cosplay
  ☆20Updated 4 years ago
• andrewbeard / broworkshop
  Materials for the BSides NoVA/Charleston 2018 Bro Workshop
  ☆14Updated 7 months ago
• AbGuthrie / goquery
  Provide a shell like interface by utilizing osquery's distributed API
  ☆82Updated 5 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆36Updated 6 years ago
• mattreduce / cti-self-study
  Track progress and keep notes while working through likethecoins' CTI Self Study Plan
  ☆29Updated 3 years ago
• NoDataFound / RiskIQ.SunBurst.Hunter
  The Purpose of this research tool is to provide a Python client into RiskIQ API services.
  ☆22Updated 4 years ago
• phretor / infosec-opml
  My very personal and opinionatedly organized infosec/cybersec sources in one OPML file
  ☆59Updated 3 years ago
• nccgroup / ConMachi
  Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container
  ☆106Updated 7 years ago
• ncc-erik-steringer / Aerides
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Updated 3 years ago
• assafmo / xioc
  Extract indicators of compromise from text, including "escaped" ones.
  ☆162Updated 5 years ago
• D4-project / passive-ssh
  A Passive SSH back-end and scanner.
  ☆104Updated 6 months ago
• dfirlabs / ntfs-specimens
  NTFS file system specimens
  ☆13Updated 2 years ago
• paralax / ObsidianSailboat
  Nmap and NSE command line wrapper in the style of Metasploit
  ☆43Updated 3 years ago
• Yara-Rules / YaraRET
  Carving tool based in Radare2 & Yara
  ☆17Updated 7 years ago
• zeflow / Sigma2SplunkAlert
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆12Updated 4 years ago
• ninoseki / ioc-extractor
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆58Updated 3 months ago
• dirtbags / fluffy
  Tools for Network Archaeology (internet protocol analysis)
  ☆29Updated 3 months ago
• ail-project / ail-yara-rules
  A set of YARA rules for the AIL framework to detect leak or information disclosure
  ☆40Updated 11 months ago
• Neo23x0 / Cyber-Search-Shortcuts
  Browser Shortcuts for Cyber Security Related Online Services
  ☆78Updated 4 years ago
• hashlookup / hashlookup-forensic-analyser
  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
  ☆128Updated 2 years ago
• 3c7 / infrastructure-tracking-schema
  ☆24Updated 3 years ago
• Symantec / threathunters
  ☆29Updated 11 months ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆136Updated last year