Rapidly Search and Hunt through Linux Forensics Artifacts
☆213Mar 9, 2026Updated 3 months ago
Alternatives and similar repositories for ChopChopGo
Users that are interested in ChopChopGo are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆656May 11, 2026Updated last month
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆118Jan 26, 2022Updated 4 years ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.☆331May 1, 2025Updated last year
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆724May 2, 2026Updated 2 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Initial triage of Windows Event logs☆105Jun 16, 2024Updated 2 years ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.☆3,238Updated this week
- ESXi Cyber Security Incident Response Script☆28Sep 4, 2024Updated last year
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …☆1,395Updated this week
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆181Jun 29, 2026Updated last week
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Jun 28, 2023Updated 3 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆827May 30, 2026Updated last month
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,412Nov 7, 2024Updated last year
- WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)☆776Feb 3, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- CLI tools for forensic investigation of Windows artifacts☆354Jul 21, 2025Updated 11 months ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Vault of Windows Registry forensic artifacts☆31Nov 12, 2025Updated 7 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆262Oct 29, 2025Updated 8 months ago
- This repository serves as a place for community created Targets and Modules for use with KAPE.☆851Jun 17, 2026Updated 2 weeks ago
- MFT and USN parser that allows direct extraction in filesystem timeline format (mactime), dump all resident files in the MFT in their ori…☆13May 10, 2023Updated 3 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆660Jun 19, 2024Updated 2 years ago
- Blueteam operational triage registry hunting/forensic tool.☆148Sep 2, 2025Updated 10 months ago
- A ProcessMonitor visualization application written in rust.☆182Aug 6, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp…☆329Feb 26, 2026Updated 4 months ago
- Documentation and scripts to properly enable Windows event logs.☆708Oct 3, 2025Updated 9 months ago
- MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs☆760Feb 1, 2026Updated 5 months ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆69Feb 3, 2022Updated 4 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Sep 13, 2023Updated 2 years ago
- Artifact collection tool for *nix systems☆219Mar 20, 2024Updated 2 years ago
- Powershell module for VMWare vSphere forensics☆183Nov 8, 2024Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆135Apr 24, 2023Updated 3 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆35May 25, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Rapidly Search and Hunt through Windows Forensic Artefacts☆3,573May 9, 2026Updated last month
- ☆219May 11, 2026Updated last month
- $MFT directory tree reconstruction & FILE record info☆332Oct 7, 2024Updated last year
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,073Oct 5, 2023Updated 2 years ago
- Incident Response collection and processing scripts with automated reporting scripts☆335Jun 25, 2024Updated 2 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆815Jan 14, 2026Updated 5 months ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆158Nov 30, 2021Updated 4 years ago