DFIR-ORC / dfir-orc-configLinks
Configurations for DFIR ORC
☆27Updated last year
Alternatives and similar repositories for dfir-orc-config
Users that are interested in dfir-orc-config are comparing it to the libraries listed below
Sorting:
- Extract BITS jobs from QMGR queue and store them as CSV records☆75Updated 5 months ago
- Repository with selected IOCs and YARA rules for threat hunting.☆35Updated 2 months ago
- Standardized Malware Analysis Tool☆53Updated 4 years ago
- Malware similarity platform with modularity in mind.☆78Updated 4 years ago
- Documentation and parsers for different anti-virus quarantine formats.☆42Updated 4 years ago
- A Splunk Technology Add-on to forward filtered ETW events.☆30Updated 4 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 4 years ago
- Simple yara rule manager☆66Updated 2 years ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- Yara Based Detection Engine for web browsers☆49Updated 3 years ago
- Python based CLI for MalwareBazaar☆37Updated 2 weeks ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆65Updated 2 years ago
- ☆15Updated 3 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆42Updated 4 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆106Updated 3 months ago
- Miscellaneous Scripts☆17Updated 4 years ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Parses the WMI object database....looking for persistence☆32Updated 5 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- The core backend server handling API requests and task management☆43Updated last week
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 7 months ago
- Yara rules☆22Updated 2 years ago
- Imphash-like calculation on Golang binaries☆49Updated 3 years ago
- Alternative YARA scanning engine☆72Updated 2 years ago
- Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.☆19Updated 3 years ago
- Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)☆21Updated last week