acquiredsecurity / forensic-timeliner
A high-speed forensic timeline engine for Windows forensic artifact CSV output, built for DFIR investigators. Quickly consolidate the CSV output from processed triage evidence produced by Eric Zimmerman's tools (EZ Tools), KAPE, Axiom, Hayabusa, Chainsaw and NirSoft into a unified timeline.
☆302, updated 3 months ago
Alternatives and similar repositories for forensic-timeliner
Users that are interested in forensic-timeliner are comparing it to the libraries listed below
- Config files for my GitHub profile. ☆14, updated 2 years ago
- Harness the power of Splunk for your investigations ☆149, updated 4 months ago
- Advanced Threat Hunting: Ransomware Group ☆29, updated 7 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. ☆162, updated 10 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆89, updated last year
- A repository to share publicly available Velociraptor detection content ☆196, updated this week
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆109, updated 9 months ago
- QuickResponseC2 is a Command & Control Server that leverages QR codes to send commands and receive results from remote systems. ☆57, updated last year
- Incident Response documents and tooling ☆111, updated last month
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆279, updated 10 months ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE ☆178, updated 3 weeks ago
- Pipeline that allows sending forensic artifacts to OpenRelik for automatic processing ☆39, updated last week
- MISP Playbooks ☆222, updated 3 months ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners. ☆244, updated this week
- ☆54, updated last year
- LotL RMM ☆289, updated last week
- ☆120, updated 8 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆300, updated this week
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve… ☆277, updated last month
- An opensource sigma conversion tool built using pysigma ☆157, updated 3 weeks ago
- Parses USB connection artifacts from offline Registry hives ☆106, updated 7 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. ☆118, updated 2 years ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆151, updated last year
- A repository of my own Sigma detection rules. ☆163, updated 2 months ago
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK ☆197, updated 2 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆115, updated last year
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence. ☆201, updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… ☆103, updated 3 weeks ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. ☆107, updated 3 years ago
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once? ☆59, updated 7 months ago