Alternatives and similar repositories for distro

Users that are interested in distro are comparing it to the libraries listed below

• REMnux / salt-states
  This repository maintains the SaltStack state files for the REMnux distro.
  ☆54Updated this week
• REMnux / remnux-cli
  This repository contains the source code for the REMnux installer, which is the command-line tool for installing and upgrading the REMnux…
  ☆48Updated last year
• Xumeiquer / yara-forensics
  Set of Yara rules for finding files using magics headers
  ☆141Updated 5 years ago
• airbus-cert / regrippy
  A modern Python-3-based alternative to RegRipper
  ☆200Updated 7 months ago
• NextronSystems / valhallaAPI
  Valhalla API Client
  ☆70Updated 2 years ago
• decalage2 / balbuzard
  Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain na…
  ☆140Updated 5 years ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆110Updated 7 years ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆201Updated 8 months ago
• EricZimmerman / bstrings
  A better strings utility!
  ☆143Updated 2 months ago
• CybercentreCanada / assemblyline-base
  Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)
  ☆70Updated this week
• malpedia / malpediaclient
  ☆27Updated 3 months ago
• kirk-sayre-work / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆96Updated last week
• hatching / triage
  Hatching Triage public command-line utility and API library.
  ☆73Updated 2 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆107Updated last year
• CERT-Polska / n6
  Automated handling of data feeds for security teams
  ☆143Updated last month
• REMnux / docker
  This repository contains Dockerfiles for building Docker images of popular malware analysis tools, which are distributed through the REMn…
  ☆290Updated 3 months ago
• MISP / misp-book
  User guide of MISP
  ☆281Updated 10 months ago
• Velocidex / c-aff4
  An AFF4 C++ implementation.
  ☆211Updated 2 years ago
• bestpractical / rtir
  ☆142Updated last week
• EFForg / yaya
  Yet Another Yara Automaton - Automatically curate open source yara rules and run scans
  ☆296Updated last year
• att / docker-forensics
  Tools to assist in forensicating docker
  ☆84Updated 8 months ago
• target / halogen
  Automatically create YARA rules from malicious documents.
  ☆211Updated 3 years ago
• viper-framework / viper2
  File analysis and management framework.
  ☆90Updated 2 years ago
• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆132Updated last year
• intezer / yara-rules
  ☆128Updated 9 months ago
• teamdfir / sift-saltstack
  Salt States for Configuring the SIFT Workstation
  ☆107Updated this week
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆135Updated last year
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆109Updated 6 months ago
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆112Updated 2 weeks ago
• mayhemiclabs / weblabyrinth
  A system that creates a bogus web structure to entrap and delay web scanners
  ☆65Updated 4 years ago