Alternatives and similar repositories for ProcDOT-Plugins:

Users that are interested in ProcDOT-Plugins are comparing it to the libraries listed below

• bonifield / volatilityGrapher
  Force-Directed Graph Generator for Volatility Ouputs
  ☆26Updated 5 years ago
• PivotAll / PivotAll
  Comprehensive Pivoting Framework
  ☆20Updated 8 years ago
• DissectMalware / base64_substring
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Updated 6 years ago
• DissectMalware / MalwareCMDMonitor
  Shows command lines used by latest instances analyzed on Hybrid-Analysis
  ☆43Updated 6 years ago
• Invoke-IR / PowerForensicsPortable
  ☆31Updated 2 months ago
• itsreallynick / office-crackros
  Crack your macros like the math pros.
  ☆33Updated 8 years ago
• defensivedepth / Sysmon_OSSEC
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Updated 9 years ago
• davidpany / rr_parseomater
  RegRipper wrapper for simplified bulk parsing or registry hives
  ☆9Updated 6 years ago
• matthewdunwoody / PS_logging_reg
  A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed
  ☆16Updated 8 years ago
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 7 years ago
• matthastings / PSalander
  ☆51Updated 6 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• darkquasar / WMI_Persistence
  A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
  ☆85Updated 7 years ago
• fl0x2208 / Tools-mindmap
  mindmap created for tools can be used during analysis/investigation
  ☆27Updated 8 years ago
• bfuzzy / ThreatHunter-Playbook
  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
  ☆14Updated 6 years ago
• IllusiveNetworks-Labs / HistoricProcessTree
  An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…
  ☆60Updated 7 years ago
• chaoticmachinery / mass_triage_tools
  Mass Triage Tools
  ☆20Updated last week
• JamesHabben / MalwareStuff
  ☆16Updated 10 years ago
• hiddenillusion / IR
  Some dfir stuff
  ☆31Updated 3 years ago
• CERT-Bund / yara-exporter
  Exporting MISP event attributes to yara rules usable with Thor apt scanner
  ☆24Updated 7 years ago
• DearBytes / Opensource-Endpoint-Monitoring
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆34Updated 5 years ago
• bandrel / OCyara
  Performs OCR on image files and scans them for matches to YARA rules
  ☆40Updated 6 years ago
• superponible / DFIR
  Various DFIR Tools
  ☆26Updated 6 years ago
• markedoe / cuckoo-sandbox
  cuckoo sandbox patches and scripts
  ☆15Updated 11 years ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 6 years ago
• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆22Updated 7 years ago
• reed1713 / ELAT
  Event Log Analysis Tools
  ☆29Updated 8 years ago
• TakahiroHaruyama / onigiri
  onigiri - remote malware triage script
  ☆25Updated 9 years ago
• MHaggis / app_splunk_sysmon_hunter
  Splunk App to assist Sysmon Threat Hunting
  ☆38Updated 7 years ago
• davidhowell-tx / PS-DigitalForensics
  PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts
  ☆56Updated 4 years ago