☆70May 3, 2021Updated 4 years ago
Alternatives and similar repositories for Lab-DFIR-SOC
Users that are interested in Lab-DFIR-SOC are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- DFIRLab / Plateforme d'investigation numérique☆15Jul 6, 2021Updated 4 years ago
- This project is a SIEM with SIRP and Threat Intel, all in one.☆462Nov 20, 2024Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆33Mar 9, 2022Updated 4 years ago
- Sigma rules converted for direct use with Zircolite☆14Updated this week
- Google Chrome forensic tool to process, analyze and visualize browsing artifacts☆211Dec 30, 2025Updated 4 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆806Apr 6, 2026Updated 3 weeks ago
- Converts exported results of CAPA tool from .json format to another formats supporting by different tools.☆22Feb 15, 2022Updated 4 years ago
- ☆18Jan 18, 2022Updated 4 years ago
- Tool to extract indicators of compromise from security reports in PDF,HTML,Web,Text format☆10Nov 6, 2017Updated 8 years ago
- Converts binary files of 1C (1CD, cf, epf, efd, etc.) to grepable CSV☆13Feb 12, 2024Updated 2 years ago
- ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)☆48Apr 26, 2021Updated 5 years ago
- Collection of some personal markdown resources☆21Jan 31, 2019Updated 7 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆60Mar 2, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Framework for Telegram users and chats investigating☆74Jun 5, 2025Updated 10 months ago
- Code and result files (models, etc.) related to Metadata Digger's parts using Artificial Intelligence methods.☆12Feb 4, 2020Updated 6 years ago
- ☆54May 14, 2024Updated last year
- ☆10Jan 22, 2025Updated last year
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Aug 18, 2022Updated 3 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper☆14Jul 24, 2021Updated 4 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Sep 4, 2023Updated 2 years ago
- This a Complete tool contained box for Capture The Flag competition. Mostly I have inserted all the necessary tools. Some of the people h…☆11Apr 16, 2022Updated 4 years ago
- Powershell module for VMWare vSphere forensics☆173Nov 8, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Retrieves information about a given domain from the Google Transparency Report : https://transparencyreport.google.com/https/certificates☆20Dec 15, 2021Updated 4 years ago
- Kali Linux fresh installation setup scripts.☆14Feb 10, 2017Updated 9 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Rules generated from our investigations.☆208Jun 17, 2025Updated 10 months ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Jan 16, 2018Updated 8 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,070Oct 5, 2023Updated 2 years ago
- petit "playbook" qui pourrait servir de base à une réponse à incident lors d'une attaque de type ransomware☆21Aug 30, 2022Updated 3 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆46Dec 20, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Automagically extract forensic timeline from volatile memory dump☆133Mar 5, 2026Updated last month
- ☆19Aug 26, 2020Updated 5 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Analyzing AD domains for security risks related to user accounts☆64Nov 11, 2022Updated 3 years ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- ☆12Dec 29, 2021Updated 4 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆52Jun 14, 2021Updated 4 years ago