LDO-CERT / orochiLinks
The Volatility Collaborative GUI
β250Updated this week
Alternatives and similar repositories for orochi
Users that are interested in orochi are comparing it to the libraries listed below
Sorting:
- A python script developed to process Windows memory images based on triage type.β265Updated last year
- π§ The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux systemβ291Updated 3 months ago
- Harness the power of Splunk for your investigationsβ123Updated 2 months ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifaβ¦β604Updated 5 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare β¦β172Updated 9 months ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.β328Updated 3 months ago
- β211Updated 2 months ago
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportuβ¦β214Updated 6 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.β113Updated last year
- Artifact collection tool for *nix systemsβ209Updated last year
- Rules generated from our investigations.β197Updated 2 months ago
- β141Updated last month
- Memory acquisition for Linux that makes sense.β202Updated last year
- Signatures and IoCs from public Volexity blog posts.β354Updated 3 months ago
- Forensic Artifact Collection Tool Matrixβ88Updated 9 months ago
- A curated list of KAPE-related resourcesβ172Updated 3 months ago
- Incident Response documents and toolingβ75Updated last year
- Digital Forensics Artifacts Knowledge Baseβ86Updated last year
- An NTFS/FAT parser for digital forensics & incident responseβ206Updated 9 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copiesβ104Updated last year
- Automated YARA Rule Standardization and Quality Assurance Toolβ236Updated last week
- Repository of public reference frameworks for the DFIR community.β116Updated 2 years ago
- Live forensic artifacts collectorβ169Updated last year
- Windows Forensics Environment Builderβ156Updated last month
- Malware repository component for samples & static configuration with REST API interface.β365Updated this week
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hosβ¦β32Updated 3 years ago
- A guide on how to write fast and memory friendly YARA rulesβ151Updated 6 months ago
- Sigma rule specificationβ145Updated last week
- β513Updated 10 months ago
- Jupyter Notebooks for the Blue Teamβ145Updated 5 months ago