☆12 · Feb 9, 2025 · Updated last year
Alternatives and similar repositories for forensics
Users that are interested in forensics are comparing it to the libraries listed below
- ☆22 · Jan 31, 2023 · Updated 3 years ago
- KQL Sentinel and Defender Detection and Hunting Queries. ☆16 · Feb 24, 2026 · Updated 3 weeks ago
- ☆45 · Apr 10, 2024 · Updated last year
- This repository consists of all public cheatsheets created by BlackPerl DFIR Content Team ☆20 · Oct 9, 2024 · Updated last year
- Smarter Asset Search, Faster Information Extraction. ZoomEye GPT is a browser extension designed specifically for cybersecurity profession… ☆26 · Apr 30, 2025 · Updated 10 months ago
- ☆24 · Mar 13, 2026 · Updated last week
- A tool for fetching DFIR and other GitHub tools. ☆26 · Aug 2, 2025 · Updated 7 months ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) ☆37 · Jan 2, 2024 · Updated 2 years ago
- This repository gives the best possible strategies for hunting ransomware ☆26 · Aug 23, 2022 · Updated 3 years ago
- Digital Forensics Artifacts Knowledge Base ☆90 · Dec 23, 2025 · Updated 2 months ago
- Advanced Threat Hunting: Ransomware Group ☆29 · Jul 9, 2025 · Updated 8 months ago
- Script to output Azure IAM permissions and flag any explicit/owner permissions for review ☆10 · May 18, 2020 · Updated 5 years ago
- 🎇 Vision: great List of Regex, Patterns, Google queries, public SPARQL, SQL, NoSQL - Regular Expressions(=Search Patterns=Data type defin… ☆12 · Jul 9, 2025 · Updated 8 months ago
- Tool for obtaining information about PPL processes ☆16 · Feb 12, 2024 · Updated 2 years ago
- Wrap words to a specified length. ☆12 · Apr 5, 2024 · Updated last year
- Hunting Queries for Defender ATP ☆83 · Dec 14, 2025 · Updated 3 months ago
- ☆10 · Jul 1, 2023 · Updated 2 years ago
- Simple Shellcode Runner in Rust Language ☆18 · Dec 8, 2023 · Updated 2 years ago
- A list of RMMs designed to be used in automation to build alerts ☆117 · Nov 9, 2025 · Updated 4 months ago
- Assess Azure Security State ☆38 · Jan 22, 2024 · Updated 2 years ago
- This repository provides a comprehensive Digital Footprint Checklist to help individuals manage their online presence and enhance privacy… ☆17 · Dec 25, 2024 · Updated last year
- Terraform Virtual Machine Module ☆14 · Mar 14, 2025 · Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆57 · Mar 2, 2026 · Updated 2 weeks ago
- ☆13 · Dec 29, 2020 · Updated 5 years ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel ☆196 · Updated this week
- Assist analysts and threat hunters to understand Windows authentication logs and to analyze brute-force scenarios. ☆20 · Jul 1, 2023 · Updated 2 years ago
- Disk Image Mounting Script ☆11 · Jan 22, 2026 · Updated last month
- ☆67 · Mar 9, 2026 · Updated last week
- Thor Artifacts for Velociraptor ☆19 · Dec 2, 2025 · Updated 3 months ago
- Fast multipattern regular expression searching for digital forensics ☆18 · Jul 31, 2019 · Updated 6 years ago
- Blockchain Attack Simulator (BCASim) is an Open Source Blockchain Simulator for Attack Analysis ☆17 · Dec 21, 2025 · Updated 2 months ago
- ☆54 · May 14, 2024 · Updated last year
- Ian Hanley's deceptively simple KQL queries. ☆67 · Dec 27, 2025 · Updated 2 months ago
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 2 years ago
- Basic c2-matrix analysis environment using Suricata + Wazuh + Elastic stack ☆12 · Apr 18, 2020 · Updated 5 years ago
- SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incide… ☆124 · Feb 21, 2025 · Updated last year
- Collection of YARA signatures from individual research ☆44 · Nov 20, 2023 · Updated 2 years ago
- Falcon Integration Gateway (FIG) ☆23 · Mar 5, 2026 · Updated 2 weeks ago
- ☆56 · Mar 3, 2026 · Updated 2 weeks ago