CyberDefenseInstitute / CDIR
CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library
☆158Updated 6 months ago
Alternatives and similar repositories for CDIR:
Users that are interested in CDIR are comparing it to the libraries listed below
- CDIR Analyzer - parsers for data collected by CDIR Collector☆18Updated last year
- Volatility plugin for extracts configuration data of known malware☆486Updated last year
- Cuckoo Sandbox plugin for extracts configuration data of known malware☆135Updated last year
- Investigate suspicious activity by visualizing Sysmon's event log☆421Updated last year
- EXIST is a web application for aggregating and analyzing cyber threat intelligence.☆151Updated 2 years ago
- Artifact analysis tools by JPCERT/CC Analysis Center☆459Updated 9 months ago
- A DFIR tool to analyze artifacts on macOS☆33Updated 4 years ago
- R-CSIRT Linux Triage tool☆38Updated 6 years ago
- ☆302Updated 4 years ago
- RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.☆72Updated 2 years ago
- ログ分析トレーニング用コンテンツ☆89Updated 4 years ago
- Ghidra Script for automated analysis of EMOTET☆17Updated 4 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆192Updated last month
- An NTFS/FAT parser for digital forensics & incident response☆203Updated 5 months ago
- Set of Yara rules for finding files using magics headers☆137Updated 4 years ago
- Carves and recreates VSS catalog and store from Windows disk image.☆98Updated 2 years ago
- JPCERT/CC public YARA rules repository☆106Updated 4 months ago
- Cuckoo running in a nested hypervisor☆128Updated 4 years ago
- 分析ツール結果シート☆19Updated 7 years ago
- [BHUSA 2018 Arsenal] Integrated tool to analyze Drive-by Download attack☆108Updated 2 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆261Updated 6 years ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆161Updated 4 months ago
- An AFF4 C++ implementation.☆200Updated 2 years ago
- Tool Analysis Result Sheet☆348Updated 7 years ago
- ☆276Updated 2 years ago
- Automagically extract forensic timeline from volatile memory dump☆130Updated 11 months ago
- A DFIR tool to collect artifacts on macOS☆54Updated 5 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆137Updated 2 years ago
- IOC from articles, tweets for archives☆313Updated last year
- Dump of organized knowledge on DFIR☆134Updated 3 years ago