☆69May 3, 2021Updated 4 years ago
Alternatives and similar repositories for Lab-DFIR-SOC
Users that are interested in Lab-DFIR-SOC are comparing it to the libraries listed below
Sorting:
- DFIRLab / Plateforme d'investigation numérique☆15Jul 6, 2021Updated 4 years ago
- This project is a SIEM with SIRP and Threat Intel, all in one.☆461Nov 20, 2024Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆33Mar 9, 2022Updated 4 years ago
- Sigma rules converted for direct use with Zircolite☆14Mar 16, 2026Updated last week
- Google Chrome forensic tool to process, analyze and visualize browsing artifacts☆211Dec 30, 2025Updated 2 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Mar 14, 2026Updated last week
- ☆18Jan 18, 2022Updated 4 years ago
- Tool to extract indicators of compromise from security reports in PDF,HTML,Web,Text format☆10Nov 6, 2017Updated 8 years ago
- Converts binary files of 1C (1CD, cf, epf, efd, etc.) to grepable CSV☆12Feb 12, 2024Updated 2 years ago
- ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)☆48Apr 26, 2021Updated 4 years ago
- https://github.com/yeyintminthuhtut/Awesome-Red-Teaming☆17Jan 15, 2022Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Framework for Telegram users and chats investigating☆75Jun 5, 2025Updated 9 months ago
- ☆54May 14, 2024Updated last year
- Code and result files (models, etc.) related to Metadata Digger's parts using Artificial Intelligence methods.☆12Feb 4, 2020Updated 6 years ago
- ☆10Jan 22, 2025Updated last year
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Aug 18, 2022Updated 3 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper☆14Jul 24, 2021Updated 4 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Sep 4, 2023Updated 2 years ago
- This repository contains tools used by 401trg.☆20Apr 14, 2021Updated 4 years ago
- This a Complete tool contained box for Capture The Flag competition. Mostly I have inserted all the necessary tools. Some of the people h…☆11Apr 16, 2022Updated 3 years ago
- Powershell module for VMWare vSphere forensics☆170Nov 8, 2024Updated last year
- Retrieves information about a given domain from the Google Transparency Report : https://transparencyreport.google.com/https/certificates☆20Dec 15, 2021Updated 4 years ago
- Kali Linux fresh installation setup scripts.☆14Feb 10, 2017Updated 9 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,062Oct 5, 2023Updated 2 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Jan 16, 2018Updated 8 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆573Dec 12, 2021Updated 4 years ago
- petit "playbook" qui pourrait servir de base à une réponse à incident lors d'une attaque de type ransomware☆21Aug 30, 2022Updated 3 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- NSE script to detect ProxyOracle☆13Aug 30, 2021Updated 4 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆46Dec 20, 2020Updated 5 years ago
- Automagically extract forensic timeline from volatile memory dump☆133Mar 5, 2026Updated 2 weeks ago
- ☆19Aug 26, 2020Updated 5 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- ☆12Dec 29, 2021Updated 4 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆52Jun 14, 2021Updated 4 years ago
- NMAP NSE script that scans for http(s) server, takes a screenshot of them, and organizes the results into an HTML report.☆27Sep 20, 2014Updated 11 years ago