Alternatives and similar repositories for investigations

Users that are interested in investigations are comparing it to the libraries listed below

• mvt-project / mvt
  MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
  ☆11,977Updated last week
• vanhoefm / fragattacks
  ☆1,283Updated 8 months ago
• timb-machine / linux-malware
  Tracking interesting Linux (and UNIX) malware. Send PRs
  ☆1,201Updated 7 months ago
• cisagov / CHIRP
  A DFIR tool written in Python.
  ☆1,052Updated 4 years ago
• curated-intel / Ukraine-Cyber-Operations
  Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for…
  ☆938Updated 2 years ago
• Forescout / project-memoria-detector
  ☆323Updated 4 years ago
• GuidoBartoli / sherloq
  An open-source digital image forensic toolset
  ☆3,066Updated 5 months ago
• AmnestyTech / covid19-apps
  Technical notes from investigations into COVID-19 contact-tracing apps
  ☆50Updated 5 years ago
• AsuharietYgvar / AppleNeuralHash2ONNX
  Convert Apple NeuralHash model for CSAM Detection to ONNX.
  ☆1,535Updated 4 years ago
• Neo23x0 / Raccine
  A Simple Ransomware Vaccine
  ☆975Updated 2 years ago
• AssoEchap / stalkerware-indicators
  Indicators of stalkerware apps
  ☆335Updated 2 months ago
• TheParmak / conti-leaks-englished
  Google and deepl translated conti leaks, which is shared by a member of the conti ransomware group.
  ☆615Updated 3 years ago
• nickboucher / trojan-source
  Trojan Source: Invisible Vulnerabilities
  ☆1,272Updated 2 years ago
• Neo23x0 / log4shell-detector
  Detector for Log4Shell exploitation attempts
  ☆729Updated 3 years ago
• nadimkobeissi / appleprivacyletter
  An open letter against Apple's new privacy-invasive client-side content scanning.
  ☆627Updated 2 years ago
• VirusTotal / vt-cli
  VirusTotal Command Line Interface
  ☆1,195Updated 2 months ago
• signalapp / Signal-TLS-Proxy
  ☆1,151Updated 4 months ago
• Malfrats / xeuledoc
  Fetch information about a public Google document.
  ☆983Updated 2 years ago
• KasperskyLab / iShutdown
  ☆452Updated last year
• evilsocket / ditto
  A tool for IDN homograph attacks and detection.
  ☆741Updated 4 years ago
• seemoo-lab / AirGuard
  Protect yourself from being tracked 🌍 by AirTags 🏷 and Find My accessories 📍
  ☆2,195Updated last week
• positive-security / send-my
  Upload arbitrary data via Apple's Find My network.
  ☆1,866Updated 2 years ago
• mandiant / ThreatPursuit-VM
  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…
  ☆1,300Updated 2 years ago
• cisagov / log4j-affected-db
  A community sourced list of log4j-affected software
  ☆1,124Updated 3 years ago
• Jayy001 / Search-That-Hash
  🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
  ☆1,393Updated 9 months ago
• samyk / slipstream
  NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewa…
  ☆1,955Updated 2 years ago
• gnxbr / Fully-Undetectable-Techniques
  ☆373Updated 4 months ago
• mandiant / sunburst_countermeasures
  ☆562Updated 2 years ago
• sowdust / tafferugli
  Tafferugli is a Twitter Analysis Framework
  ☆361Updated 3 years ago
• f0cker / crackq
  CrackQ: A Python Hashcat cracking queue system
  ☆939Updated last year