Alternatives and similar repositories for rustinel

Users that are interested in rustinel are comparing it to the libraries listed below

• Koifman / LUMEN
  Your Browser-based EVTX Companion
  ☆112Updated this week
• Neo23x0 / Talks
  Slides of my public talks
  ☆56Updated 2 years ago
• bittib010 / AjourVolAutolity
  A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
  ☆16Updated 5 months ago
• mdecrevoisier / Windows-auditing-baseline
  Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
  ☆60Updated 8 months ago
• brokensound77 / LoFP
  Living off the False Positive!
  ☆41Updated last year
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆70Updated last week
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆31Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆98Updated 3 years ago
• MHaggis / ADTrapper
  Hunt Smarter, Hunt Harder
  ☆135Updated 3 weeks ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 7 months ago
• joeavanzato / velociraptor-timeline-creator
  VTC - Velociraptor Timeline Creator
  ☆19Updated last year
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆78Updated last year
• alwashali / detection-validation
  Detection rule validation
  ☆40Updated 2 years ago
• xg5-simon / MS-Graph-BlueTeam
  MS Graph Commands and Tools for Blue Teamers
  ☆52Updated last week
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆60Updated 3 years ago
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆101Updated 9 months ago
• matthieugras / timeline-downloader
  ☆70Updated last week
• The-DFIR-Report / Suricata-Rules
  ☆11Updated 2 years ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆55Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆155Updated 2 years ago
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆109Updated 2 weeks ago
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆54Updated last year
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆27Updated 3 years ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆86Updated last month
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆34Updated 3 years ago
• openrelik / openrelik-deploy
  Tools and scripts to deploy and manage OpenRelik instances
  ☆16Updated 8 months ago
• f-bader / MSRC-PatchReview
  A PowerShell variant of the amazing patch_review.py by kevthehermit
  ☆178Updated 3 months ago
• fox-it / citrix-netscaler-triage
  Dissect triage scripts for Citrix NetScaler devices
  ☆68Updated 2 months ago
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆53Updated last year
• Cyb3rWard0g / HF-Agents-Course-Notes
  My Notes from Hugging Face AI Agents Course
  ☆20Updated 11 months ago