AlecRandazzo / Packrat
Live system forensic collector
☆16Updated 2 years ago
Alternatives and similar repositories for Packrat:
Users that are interested in Packrat are comparing it to the libraries listed below
- pollen - A command-line tool for interacting with TheHive☆35Updated 5 years ago
- A golang implementation of a prefetch parser.☆19Updated 7 months ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- Set of utilities for getting information about Windows Events☆15Updated 6 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Collect autorun records from running system☆61Updated 3 years ago
- Looks stuff up (MD5, SHA256, IP, Domains, URL's, strings e.g. mutexes)...☆37Updated 7 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- Links to malware-related YARA rules☆15Updated 2 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Updated 7 years ago
- ☆12Updated 7 years ago
- THOR MITRE ATT&CK Framework Coverage☆24Updated 4 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆23Updated last year
- OSSEM Modular☆27Updated 4 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 7 years ago
- Event Log Analysis Tools☆29Updated 8 years ago
- Virustotal Data to Timesketch☆17Updated 6 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆34Updated 5 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Updated 4 years ago
- Windows Thingies in Python for live use.☆24Updated 6 years ago
- Detect kerberos attacks in pcap files☆28Updated 9 years ago
- Mass Triage Tools☆20Updated 2 months ago
- Cybersecurity Incidents Mind Maps☆33Updated 3 years ago
- ☆32Updated 5 months ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.☆38Updated 3 years ago
- ☆10Updated 5 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- Server for receiving autorun data from the clients☆13Updated 7 years ago