KasperskyLab / ForensicsTools
Tools for DFIR
☆120 · Updated 7 years ago
Alternatives and similar repositories for ForensicsTools:
Users that are interested in ForensicsTools are comparing it to the libraries listed below
- Python script to decode common encoded PowerShell scripts · ☆216 · Updated 6 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system · ☆107 · Updated 4 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici… · ☆82 · Updated 7 years ago
- A collection of infosec related scripts and information. · ☆53 · Updated 6 months ago
- Windows Live Artifacts Acquisition Script · ☆186 · Updated 2 years ago
- Malware Repository Framework · ☆99 · Updated 7 years ago
- Page File analysis tools. · ☆127 · Updated 9 years ago
- A modern Python-3-based alternative to RegRipper · ☆194 · Updated 3 weeks ago
- PowerShell No Agent Hunting · ☆110 · Updated 7 years ago
- Test Blue Team detections without running any attack. · ☆272 · Updated 11 months ago
- Reconstruct process trees from event logs · ☆147 · Updated 4 years ago
- Allows you to quickly query a Windows machine for RAM artifacts · ☆221 · Updated 4 years ago
- Malware Analysis, Threat Intelligence and Reverse Engineering: LABS · ☆82 · Updated 4 years ago
- PE Import Hash Generator · ☆78 · Updated 7 years ago
- Extract common Windows artifacts from source images and VSCs · ☆65 · Updated 3 years ago
- A collection of scripts to initialize a Windows VM to run all the malware! · ☆106 · Updated 5 years ago
- A PowerShell script for creating a Windows honeyport. · ☆89 · Updated 3 weeks ago
- Yet another registry parser · ☆132 · Updated 3 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research · ☆261 · Updated 6 years ago
- Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures. · ☆108 · Updated 7 years ago
- Understanding ATT&CK Matrix for Enterprise · ☆80 · Updated 6 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers. · ☆165 · Updated 6 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The… · ☆179 · Updated 3 years ago
- A VBA parser and emulation engine to analyze malicious macros. · ☆95 · Updated last week
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch. · ☆115 · Updated 4 years ago
- Splunk Boss of the SOC v1 data set. · ☆111 · Updated 6 years ago