Alternatives and similar repositories for investigations

Users that are interested in investigations are comparing it to the libraries listed below

• mvt-project / mvt
  MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
  ☆11,242Updated this week
• timb-machine / linux-malware
  Tracking interesting Linux (and UNIX) malware. Send PRs
  ☆1,180Updated 3 weeks ago
• verymeticulous / wikAPEdia
  A central place for apes to learn about stonks. This is not financial advice.
  ☆409Updated 3 years ago
• evilsocket / ditto
  A tool for IDN homograph attacks and detection.
  ☆737Updated 4 years ago
• curated-intel / Ukraine-Cyber-Operations
  Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for…
  ☆924Updated last year
• AssoEchap / stalkerware-indicators
  Indicators of stalkerware apps
  ☆304Updated last month
• ComodoSecurity / openedr
  Open EDR public repository
  ☆2,446Updated last year
• thinkst / canarytokens
  Canarytokens helps track activity and actions on your network.
  ☆1,850Updated this week
• Malfrats / xeuledoc
  Fetch information about a public Google document.
  ☆886Updated last year
• Te-k / harpoon
  CLI tool for open source and threat intelligence
  ☆1,214Updated 3 months ago
• mandiant / red_team_tool_countermeasures
  ☆2,662Updated last year
• nccgroup / Solitude
  Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more a…
  ☆372Updated 4 years ago
• cisagov / CHIRP
  A DFIR tool written in Python.
  ☆1,049Updated 3 years ago
• topotam / PetitPotam
  PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
  ☆1,973Updated 9 months ago
• NCSC-NL / log4shell
  Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
  ☆1,894Updated 2 years ago
• Neo23x0 / Raccine
  A Simple Ransomware Vaccine
  ☆964Updated last year
• nzymedefense / nzyme
  CLOSE ACCESS DENIAL.
  ☆1,492Updated this week
• f0cker / crackq
  CrackQ: A Python Hashcat cracking queue system
  ☆938Updated 9 months ago
• Lookyloo / lookyloo
  Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
  ☆715Updated this week
• GuidoBartoli / sherloq
  An open-source digital image forensic toolset
  ☆2,929Updated 3 weeks ago
• Neo23x0 / log4shell-detector
  Detector for Log4Shell exploitation attempts
  ☆731Updated 3 years ago
• alexandreborges / malwoverview
  Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po…
  ☆3,211Updated 4 months ago
• SpyGuard / SpyGuard
  SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network …
  ☆428Updated 8 months ago
• microsoft / CyberBattleSim
  An experimentation and research platform to investigate the interaction of automated agents in an abstract simulated network environments…
  ☆1,707Updated last month
• fox-it / dissect
  Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts…
  ☆1,008Updated 2 weeks ago
• AmIJesse / LinkBait
  ☆86Updated 4 years ago
• mandiant / ThreatPursuit-VM
  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…
  ☆1,270Updated 2 years ago
• KasperskyLab / triangle_check
  ☆514Updated last year
• Neo23x0 / Loki
  Loki - Simple IOC and YARA Scanner
  ☆3,552Updated 6 months ago
• AdguardTeam / cname-trackers
  This repository contains a list of popular CNAME trackers
  ☆398Updated this week