Rapidly Search and Hunt through Linux Forensics Artifacts
☆209Mar 9, 2026Updated last month
Alternatives and similar repositories for ChopChopGo
Users that are interested in ChopChopGo are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆650Nov 7, 2025Updated 5 months ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆118Jan 26, 2022Updated 4 years ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.☆329May 1, 2025Updated last year
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆709Updated this week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.☆3,135Apr 29, 2026Updated last week
- Initial triage of Windows Event logs☆106Jun 16, 2024Updated last year
- ESXi Cyber Security Incident Response Script☆27Sep 4, 2024Updated last year
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …☆1,325Apr 16, 2026Updated 2 weeks ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆174Updated this week
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Jun 28, 2023Updated 2 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆806Apr 6, 2026Updated last month
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,408Nov 7, 2024Updated last year
- WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)☆778Feb 3, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- CLI tools for forensic investigation of Windows artifacts☆352Jul 21, 2025Updated 9 months ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Vault of Windows Registry forensic artifacts☆30Nov 12, 2025Updated 5 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆256Oct 29, 2025Updated 6 months ago
- This repository serves as a place for community created Targets and Modules for use with KAPE.��☆838Apr 29, 2026Updated last week
- MFT and USN parser that allows direct extraction in filesystem timeline format (mactime), dump all resident files in the MFT in their ori…☆13May 10, 2023Updated 2 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆647Jun 19, 2024Updated last year
- Blueteam operational triage registry hunting/forensic tool.☆148Sep 2, 2025Updated 8 months ago
- A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp…☆321Feb 26, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A ProcessMonitor visualization application written in rust.☆185Aug 6, 2023Updated 2 years ago
- Documentation and scripts to properly enable Windows event logs.☆694Oct 3, 2025Updated 7 months ago
- MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs☆759Feb 1, 2026Updated 3 months ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Feb 3, 2022Updated 4 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Sep 13, 2023Updated 2 years ago
- Artifact collection tool for *nix systems☆218Mar 20, 2024Updated 2 years ago
- Powershell module for VMWare vSphere forensics☆174Nov 8, 2024Updated last year
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆33May 25, 2024Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆134Apr 24, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Rapidly Search and Hunt through Windows Forensic Artefacts☆3,534Updated this week
- ☆217Dec 2, 2025Updated 5 months ago
- $MFT directory tree reconstruction & FILE record info☆329Oct 7, 2024Updated last year
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,070Oct 5, 2023Updated 2 years ago
- Incident Response collection and processing scripts with automated reporting scripts☆328Jun 25, 2024Updated last year
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆812Jan 14, 2026Updated 3 months ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆158Nov 30, 2021Updated 4 years ago