Alternatives and similar repositories for dfir-orc-config

Users that are interested in dfir-orc-config are comparing it to the libraries listed below

• ANSSI-FR / bits_parser
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆75Updated 3 months ago
• 00010111 / smbtimeline
  ☆35Updated 7 months ago
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆39Updated last week
• W3ndige / aurora
  Malware similarity platform with modularity in mind.
  ☆78Updated 3 years ago
• Silv3rHorn / evtx2json
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆42Updated 4 years ago
• monnappa22 / Psinfo
  Psinfo is a Volatility plugin which collects the process related information from the VAD (Virtual Address Descriptor) and PEB (Process E…
  ☆36Updated 8 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• mandiant / apooxml
  Generate YARA rules for OOXML documents.
  ☆38Updated 2 years ago
• certsocietegenerale / fame_modules
  Community modules for FAME
  ☆65Updated 4 months ago
• airbus-cert / Splunk-ETW
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Updated 4 years ago
• sumeshi / evtx2es
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆85Updated last month
• humpalum / vscode-sigma
  ☆16Updated 2 months ago
• hpthreatresearch / tools
  Scripts and tools accompanying HP Threat Research blog posts and reports.
  ☆50Updated last year
• ernw / quarantine-formats
  Documentation and parsers for different anti-virus quarantine formats.
  ☆42Updated 4 years ago
• faisalusuf / ThreatIntelligence
  Tracking APT IOCs
  ☆25Updated 4 years ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆96Updated 2 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆60Updated 2 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• y3n11 / Captain
  Userland API monitor for threat hunting
  ☆58Updated 5 years ago
• 3c7 / yaramanager
  Simple yara rule manager
  ☆66Updated 2 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆32Updated 2 years ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆78Updated 3 weeks ago
• Silv3rHorn / 4n6_misc
  Miscellaneous Scripts
  ☆17Updated 4 years ago
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆101Updated last month
• jshlbrd / threat-hunting-pocket-guide
  pocket guide for core threat hunting concepts
  ☆23Updated 5 years ago
• hvs-consulting / ioc_signatures
  Repository with selected IOCs and YARA rules for threat hunting.
  ☆35Updated 2 weeks ago
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆38Updated 2 years ago
• forensiclunch / ETLParser
  Binary commandline executable to parse ETL files
  ☆67Updated 7 years ago
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆47Updated 3 years ago