QuoSecGmbH / os_timestamps

Related projects ⓘ

Alternatives and complementary repositories for os_timestamps

• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆18Updated last month
• aleksost / MemoryDecompression
  Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.
  ☆48Updated 5 years ago
• Neo23x0 / xorex
  XOR Key Extractor
  ☆48Updated 3 months ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago
• AbdulRhmanAlfaifi / SDSParser-rs
  NTFS Security Descriptor Stream ($Secure:$SDS) parser
  ☆14Updated last year
• y3n11 / Captain
  Userland API monitor for threat hunting
  ☆55Updated 4 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆71Updated last week
• zshehri / MITRE_EDR_Eval
  Parsing MITRE EDR Evaluation results
  ☆12Updated 5 years ago
• SecurityRiskAdvisors / PDBlaster
  ☆48Updated 4 years ago
• g-les / floss2yar
  ☆15Updated 2 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• airbus-cert / Splunk-ETW
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Updated 4 years ago
• libyal / assorted
  Assorted documentation, scripts and tools
  ☆28Updated last month
• PwCUK-CTO / ScatterBee_Analysis
  Scripts to aid analysis of files obfuscated with ScatterBee.
  ☆16Updated last year
• msuhanov / ntfs-samples
  NTFS samples
  ☆25Updated 4 years ago
• stoerchl / yara_zip_module
  ☆13Updated 2 years ago
• jeFF0Falltrades / YARA-Signatures
  A collection of my public YARA signatures for various malware families
  ☆29Updated 2 months ago
• avast / yarang
  Alternative YARA scanning engine
  ☆67Updated 2 years ago
• 3c7 / bazaar
  Python based CLI for MalwareBazaar
  ☆36Updated 3 weeks ago
• RealityNet / McAFuse
  Toolset to analyze disks encrypted with McAFee FDE technology
  ☆17Updated 3 years ago
• sebmarchand / pyetw
  ☆13Updated 8 years ago
• REMnux / salt-states
  This repository maintains the SaltStack state files for the REMnux distro.
  ☆39Updated 2 weeks ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆28Updated 4 years ago
• conix-security / machoke
  ☆51Updated 6 years ago
• SigmaHQ / sigma-rules-validator
  Validates Sigma rules using the JSON schema
  ☆15Updated 8 months ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆53Updated 3 years ago
• hm-seclab / YAFRA
  YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
  ☆27Updated 2 years ago
• avast / yls
  YARA Language Server
  ☆68Updated this week
• cyb3rfox / MFTEntryCarver
  Carve files for MFT entries (eg. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if re…
  ☆21Updated 5 years ago
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆102Updated 2 years ago