Alternatives and similar repositories for DFIR-Detection-Engineering:

Users that are interested in DFIR-Detection-Engineering are comparing it to the libraries listed below

• joshbrunty / DFIR-Regular-Expressions
  Regular Expressions List used in Digital Forensic Tasks
  ☆83Updated last week
• ThreatMon / ThreatMon-Daily-C2-Feeds
  IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.
  ☆61Updated last year
• z0m31en7 / WhatMail
  WhatMail is a command-line tool that analyzes the header of an email and provides detailed information about various fields.
  ☆132Updated last year
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆151Updated 9 months ago
• ozpingux / BasicLinuxForensicScript
  Bash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.
  ☆43Updated last year
• markscanlonucd / ChatGPT-for-Digital-Forensics
  ☆131Updated last year
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆65Updated last year
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Updated last year
• abdulshareef / DFIR-Resources
  Some important DFIR Resources
  ☆83Updated last year
• CScorza / Analisi-Digital-Forense
  Strumenti di Acquisizione e Analisi di copie Forensi
  ☆145Updated 11 months ago
• dfircheatsheet / dfircheatsheet.github.io
  ☆64Updated 2 years ago
• Gadzhovski / TRACE-Forensic-Toolkit
  TRACE is a digital forensic analysis tool that provides a user-friendly interface for investigating disk images.
  ☆156Updated 3 weeks ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆51Updated 2 months ago
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆104Updated last year
• YoNixNeXRo / C2Live
  Track C2 servers, tools, and botnets over time by framework and location
  ☆37Updated 3 weeks ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool
  Linux Baseline and Forensic Triage Tool - BETA
  ☆53Updated 2 years ago
• jgasmussen / Case_Notes.py
  Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier.
  ☆26Updated last year
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 5 months ago
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆59Updated 7 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆118Updated 10 months ago
• ThreatMon / ThreatMon-Reports-IOC
  ☆47Updated 10 months ago
• BushidoUK / Ransomware-Vulnerability-Matrix
  A collection of CVEs weaponized by ransomware operators
  ☆104Updated 2 months ago
• nixintel / sansosintsummit2023
  List of links and resources referred to in my SANS OSINT Summit 2023 Talk: "Tips & Tricks For Digital Dumpster Diving"
  ☆40Updated last year
• SpyderForensics / DarkWeb_Forensics
  A series of python scripts to extract information from Dark Web Applications
  ☆12Updated 3 months ago
• digitalsleuth / WIN-FOR
  Windows Forensics Environment Builder
  ☆131Updated last month
• utilsec / OSINT
  Includes quick start guides for Shodan for both IT and ICS/OT assets
  ☆123Updated last year
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆92Updated 3 months ago
• deFr0ggy / NightOwl
  An offline Phishing Email Analyzer. Enabling non-techies to analyze phishing emails automatically!
  ☆59Updated last year
• TLP-R3D / R3D-SSH-Hunter
  R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker
  ☆12Updated 3 months ago