CyberDefenseInstitute / CDIR-ALinks
CDIR Analyzer - parsers for data collected by CDIR Collector
☆18Updated 2 years ago
Alternatives and similar repositories for CDIR-A
Users that are interested in CDIR-A are comparing it to the libraries listed below
Sorting:
- CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library☆163Updated last year
- Cuckoo Sandbox plugin for extracts configuration data of known malware☆135Updated last year
- R-CSIRT Linux Triage tool☆39Updated 7 years ago
- Community-based integrated malware identification system☆82Updated 3 years ago
- [BHUSA 2018 Arsenal] Integrated tool to analyze Drive-by Download attack☆107Updated 2 years ago
- A DFIR tool to collect artifacts on macOS☆56Updated 5 years ago
- 分析ツール結果シート☆19Updated 8 years ago
- Parsing MITRE EDR Evaluation results☆12Updated 7 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated 2 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41Updated 4 years ago
- Cuckoo running in a nested hypervisor☆128Updated 5 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated 2 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆79Updated 3 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆75Updated 3 years ago
- EXIST is a web application for aggregating and analyzing cyber threat intelligence.☆152Updated last week
- Personal compilation of APT malware from whitepaper releases, documents and own research☆267Updated 6 years ago
- Proofpoint - Emerging Threats - Threat Research tools + publicly shared intel and documentation☆80Updated 3 months ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- Mitre Att&ck Technique Emulation☆82Updated 6 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Carves and recreates VSS catalog and store from Windows disk image.☆100Updated 2 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆73Updated 4 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Updated 6 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 7 years ago
- Presentation materials for talks I've given.☆20Updated 6 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Updated 4 years ago
- The new name is DeTT&CT☆24Updated 6 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆90Updated 3 years ago
- An advanced memory forensics framework☆96Updated 6 years ago