Alternatives and similar repositories for YaraFlux

Users that are interested in YaraFlux are comparing it to the libraries listed below

• weslambert / velocistack
  ☆53Updated last year
• ReconInfoSec / velociraptor-to-timesketch
  ☆12Updated 11 months ago
• Neo23x0 / YARA-Style-Guide
  A specification and style guide for YARA rules
  ☆56Updated last year
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆245Updated this week
• blueteam0ps / AllthingsTimesketch
  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
  ☆114Updated last year
• 100DaysofYARA / 2024
  Rules shared by the community from 100 Days of YARA 2024
  ☆86Updated 9 months ago
• opencybersecurityalliance / oca-iob
  Augmentation to Machine Readable CTI
  ☆34Updated 3 weeks ago
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆139Updated last month
• mnrkbys / fjta
  FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…
  ☆88Updated 3 weeks ago
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆130Updated this week
• CyberCX-DFIR / usnjrnl_rewind
  USN Journal full path builder
  ☆61Updated last year
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆88Updated 7 months ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆49Updated 4 months ago
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆162Updated last year
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆186Updated last week
• Digital-Defense-Institute / triage.zip
  A preconfigured Velociraptor triage collector
  ☆55Updated 2 weeks ago
• muchdogesec / txt2stix
  Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.
  ☆72Updated this week
• dlcowen / sansfor509
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆209Updated last month
• korniko98 / pivot-atlas
  ☆96Updated 2 months ago
• Digital-Forensics-Discord-Server / ArtifactParsers
  A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
  ☆68Updated 10 months ago
• S-RM / wiskess_rust
  WISKESS automates the Windows evidence processing for Incident Response investigations. Rust version.
  ☆14Updated this week
• Yamato-Security / hayabusa-sample-evtx
  Sample evtx files to use for testing hayabusa detection rules
  ☆60Updated 11 months ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆57Updated 3 months ago
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆42Updated last year
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆48Updated last week
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆123Updated last year
• JPCERTCC / jpcert-yara
  JPCERT/CC public YARA rules repository
  ☆110Updated 9 months ago
• JouniMi / TheDFIRThing
  ☆21Updated last year
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆55Updated 2 years ago
• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆54Updated last week