LDO-CERT / orochi
The Volatility Collaborative GUI
☆223Updated this week
Related projects ⓘ
Alternatives and complementary repositories for orochi
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆145Updated last month
- A python script developed to process Windows memory images based on triage type.☆258Updated 11 months ago
- Memory acquisition for Linux that makes sense.☆152Updated 11 months ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆554Updated this week
- Live forensic artifacts collector☆160Updated 4 months ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆534Updated last week
- Parses $MFT from NTFS file systems☆198Updated last week
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆94Updated 8 months ago
- ☆187Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆268Updated 2 months ago
- A curated list of KAPE-related resources☆155Updated 6 months ago
- Harness the power of Splunk for your investigations☆76Updated last week
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆268Updated 3 weeks ago
- Windows Forensics Environment Builder☆110Updated this week
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆94Updated last year
- An AFF4 C++ implementation.☆188Updated last year
- Signatures and IoCs from public Volexity blog posts.☆315Updated 3 months ago
- Malduck is your ducky companion in malware analysis journeys☆318Updated 4 months ago
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆51Updated last year
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportu…☆193Updated 6 months ago
- Jupyter Notebooks for the Blue Team☆141Updated last year
- Rules shared by the community from 100 Days of YARA 2024☆77Updated 6 months ago
- Rules generated from our investigations.☆188Updated last week
- Scripts to facilitate filtering with Plaso☆125Updated 4 years ago
- Threat Hunting tool about Sysmon and graphs☆329Updated last year
- Digital Forensics Artifacts Knowledge Base☆75Updated 5 months ago
- ☆90Updated 3 weeks ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆143Updated this week
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆157Updated 11 months ago
- $MFT directory tree reconstruction & FILE record info☆292Updated last month