LDO-CERT / orochiLinks
The Volatility Collaborative GUI
☆243Updated this week
Alternatives and similar repositories for orochi
Users that are interested in orochi are comparing it to the libraries listed below
Sorting:
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆597Updated 2 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆163Updated 6 months ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆288Updated 3 weeks ago
- Harness the power of Splunk for your investigations☆107Updated 3 weeks ago
- ☆516Updated 7 months ago
- Signatures and IoCs from public Volexity blog posts.☆354Updated 2 weeks ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆627Updated 2 months ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆313Updated 3 weeks ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆221Updated last week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆180Updated this week
- ☆130Updated last week
- Jupyter Notebooks for the Blue Team☆144Updated 2 months ago
- Parses $MFT from NTFS file systems☆243Updated 3 weeks ago
- Rules generated from our investigations.☆195Updated this week
- Parses amcache.hve files, but with a twist!☆136Updated 4 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆109Updated last year
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportu…☆212Updated 3 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆101Updated last year
- ☆201Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆180Updated last week
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆716Updated last month
- Live forensic artifacts collector☆166Updated 10 months ago
- Get all my software☆159Updated 3 weeks ago
- Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux☆120Updated this week
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆64Updated 6 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated 2 years ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆165Updated last year
- An NTFS/FAT parser for digital forensics & incident response☆203Updated 6 months ago
- Malduck is your ducky companion in malware analysis journeys☆335Updated 3 weeks ago