DFIR-ORC / dfir-orc-configLinks
Configurations for DFIR ORC
☆27Updated last year
Alternatives and similar repositories for dfir-orc-config
Users that are interested in dfir-orc-config are comparing it to the libraries listed below
Sorting:
- Extract BITS jobs from QMGR queue and store them as CSV records☆75Updated 4 months ago
- A Splunk Technology Add-on to forward filtered ETW events.☆30Updated 4 years ago
- ☆35Updated 8 months ago
- Simple yara rule manager☆66Updated 2 years ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- Repository with selected IOCs and YARA rules for threat hunting.☆35Updated last month
- Malware similarity platform with modularity in mind.☆78Updated 3 years ago
- Community modules for FAME☆65Updated 4 months ago
- Scripts and lists to help generate YARA friendly string mutations☆21Updated 2 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆42Updated 4 years ago
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details.☆22Updated 2 years ago
- Documentation and parsers for different anti-virus quarantine formats.☆42Updated 4 years ago
- Python based CLI for MalwareBazaar☆37Updated 7 months ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- MWDB exercises☆20Updated 5 months ago
- Steezy - Ghetto Yara Generation☆15Updated 2 years ago
- Binary commandline executable to parse ETL files☆67Updated 7 years ago
- The core backend server handling API requests and task management☆42Updated this week
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆56Updated 3 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆79Updated last month
- Parses the WMI object database....looking for persistence☆32Updated 5 years ago
- Psinfo is a Volatility plugin which collects the process related information from the VAD (Virtual Address Descriptor) and PEB (Process E…☆36Updated 8 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Yara Based Detection Engine for web browsers☆49Updated 3 years ago
- ☆27Updated 3 years ago
- A rewrite of mactime, a bodyfile reader☆37Updated 10 months ago
- Windows file metadata / forensic tool.☆18Updated 9 months ago
- Standardized Malware Analysis Tool☆53Updated 4 years ago