CyberDefenseInstitute / CDIR-A
CDIR Analyzer - parsers for data collected by CDIR Collector
☆18Updated last year
Related projects ⓘ
Alternatives and complementary repositories for CDIR-A
- R-CSIRT Linux Triage tool☆37Updated 6 years ago
- CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library☆154Updated last month
- ☆21Updated last month
- A DFIR tool to analyze artifacts on macOS☆31Updated 3 years ago
- Cuckoo Sandbox plugin for extracts configuration data of known malware☆135Updated 11 months ago
- Ghidra Script for automated analysis of EMOTET☆17Updated 3 years ago
- 分析ツール結果シート☆16Updated 7 years ago
- RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.☆68Updated 2 years ago
- Surface Analysis System on Cloud☆19Updated 11 months ago
- Community-based integrated malware identification system☆82Updated last year
- [BHUSA 2018 Arsenal] Integrated tool to analyze Drive-by Download attack☆107Updated last year
- an automatic penetration testing tool☆39Updated 3 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- ☆34Updated last year
- Links to malware-related YARA rules☆14Updated 2 years ago
- Automatically update IoC for lucky visitor scam☆25Updated this week
- DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781☆45Updated 4 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated last year
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 4 years ago
- Manipulate timestamps on NTFS☆49Updated 10 years ago
- ☆23Updated 5 years ago
- Sample evtx files to use for testing hayabusa detection rules☆44Updated 2 weeks ago
- A DFIR tool to collect artifacts on macOS☆53Updated 4 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41Updated 3 years ago
- Malware Dynamic Analysis Platform enhanced Cuckoo Sandbox☆24Updated 6 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆14Updated 4 years ago
- Honeybag helps you to create 'bait archive' with any folders and files, notify you if someone accesses it☆16Updated 4 years ago
- macOS Artifact Intelligence Tool☆13Updated 5 years ago
- EXIST is a web application for aggregating and analyzing cyber threat intelligence.☆151Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 2 years ago