☆70May 3, 2021Updated 4 years ago
Alternatives and similar repositories for Lab-DFIR-SOC
Users that are interested in Lab-DFIR-SOC are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- DFIRLab / Plateforme d'investigation numérique☆15Jul 6, 2021Updated 4 years ago
- This project is a SIEM with SIRP and Threat Intel, all in one.☆461Nov 20, 2024Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆33Mar 9, 2022Updated 4 years ago
- Sigma rules converted for direct use with Zircolite☆14Updated this week
- Google Chrome forensic tool to process, analyze and visualize browsing artifacts☆211Dec 30, 2025Updated 3 months ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆801Updated this week
- Converts exported results of CAPA tool from .json format to another formats supporting by different tools.☆22Feb 15, 2022Updated 4 years ago
- ☆18Jan 18, 2022Updated 4 years ago
- Converts binary files of 1C (1CD, cf, epf, efd, etc.) to grepable CSV☆13Feb 12, 2024Updated 2 years ago
- ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)☆48Apr 26, 2021Updated 4 years ago
- Collection of some personal markdown resources☆21Jan 31, 2019Updated 7 years ago
- https://github.com/yeyintminthuhtut/Awesome-Red-Teaming☆17Jan 15, 2022Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆59Mar 2, 2025Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Framework for Telegram users and chats investigating☆74Jun 5, 2025Updated 10 months ago
- Code and result files (models, etc.) related to Metadata Digger's parts using Artificial Intelligence methods.☆12Feb 4, 2020Updated 6 years ago
- ☆54May 14, 2024Updated last year
- ☆10Jan 22, 2025Updated last year
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Aug 18, 2022Updated 3 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper☆14Jul 24, 2021Updated 4 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Sep 4, 2023Updated 2 years ago
- This repository contains tools used by 401trg.☆20Apr 14, 2021Updated 4 years ago
- This a Complete tool contained box for Capture The Flag competition. Mostly I have inserted all the necessary tools. Some of the people h…☆11Apr 16, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Powershell module for VMWare vSphere forensics☆173Nov 8, 2024Updated last year
- Retrieves information about a given domain from the Google Transparency Report : https://transparencyreport.google.com/https/certificates☆20Dec 15, 2021Updated 4 years ago
- Kali Linux fresh installation setup scripts.☆14Feb 10, 2017Updated 9 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Rules generated from our investigations.☆207Jun 17, 2025Updated 9 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,069Oct 5, 2023Updated 2 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Jan 16, 2018Updated 8 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆572Dec 12, 2021Updated 4 years ago
- petit "playbook" qui pourrait servir de base à une réponse à incident lors d'une attaque de type ransomware☆21Aug 30, 2022Updated 3 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- NSE script to detect ProxyOracle☆13Aug 30, 2021Updated 4 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆46Dec 20, 2020Updated 5 years ago
- Automagically extract forensic timeline from volatile memory dump☆133Mar 5, 2026Updated last month
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Analyzing AD domains for security risks related to user accounts☆64Nov 11, 2022Updated 3 years ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago