CyberDefenseInstitute / CDIR-A

Related projects ⓘ

Alternatives and complementary repositories for CDIR-A

• Recruit-CSIRT / LinuxTriage
  R-CSIRT Linux Triage tool
  ☆37Updated 6 years ago
• CyberDefenseInstitute / CDIR
  CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library
  ☆154Updated last month
• herosi / triage-collector
  ☆21Updated last month
• Recruit-CSIRT / MacRipper
  A DFIR tool to analyze artifacts on macOS
  ☆31Updated 3 years ago
• JPCERTCC / MalConfScan-with-Cuckoo
  Cuckoo Sandbox plugin for extracts configuration data of known malware
  ☆135Updated 11 months ago
• AllsafeCyberSecurity / malware-analysis-at-scale-defeating-emotet-by-ghidra
  Ghidra Script for automated analysis of EMOTET
  ☆17Updated 3 years ago
• JPCERTCC / ToolAnalysisResultSheet_jp
  分析ツール結果シート
  ☆16Updated 7 years ago
• Yamato-Security / RustyBlue
  RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.
  ☆68Updated 2 years ago
• JPCERTCC / SurfaceAnalysis-on-Cloud
  Surface Analysis System on Cloud
  ☆19Updated 11 months ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆82Updated last year
• nao-sec / ektotal
  [BHUSA 2018 Arsenal] Integrated tool to analyze Drive-by Download attack
  ☆107Updated last year
• PowderKegTech / mushikago
  an automatic penetration testing tool
  ☆39Updated 3 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 3 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated last year
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• JPCERTCC / Lucky-Visitor-Scam-IoC
  Automatically update IoC for lucky visitor scam
  ☆25Updated this week
• haxrob / CVE-2019-19781
  DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781
  ☆45Updated 4 years ago
• mitre-attack / evals_caldera
  A CALDERA plugin for ATT&CK Evaluations Round 1
  ☆33Updated last year
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 4 years ago
• jschicht / SetMace
  Manipulate timestamps on NTFS
  ☆49Updated 10 years ago
• kk0m4k / docker-forensics
  ☆23Updated 5 years ago
• Yamato-Security / hayabusa-sample-evtx
  Sample evtx files to use for testing hayabusa detection rules
  ☆44Updated 2 weeks ago
• Recruit-CSIRT / macOSTriageTool
  A DFIR tool to collect artifacts on macOS
  ☆53Updated 4 years ago
• Silv3rHorn / evtx2json
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆41Updated 3 years ago
• Recruit-CSIRT / odoriba
  Malware Dynamic Analysis Platform enhanced Cuckoo Sandbox
  ☆24Updated 6 years ago
• yasser-alghamdi / winterfell-hunt
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆14Updated 4 years ago
• honeybag / honeybag
  Honeybag helps you to create 'bait archive' with any folders and files, notify you if someone accesses it
  ☆16Updated 4 years ago
• zerber0s / mac_int
  macOS Artifact Intelligence Tool
  ☆13Updated 5 years ago
• nict-csl / exist
  EXIST is a web application for aggregating and analyzing cyber threat intelligence.
  ☆151Updated last year
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago