amir9339 / volatility-dockerLinks
A suite of Volatility 3 plugins for memory forensics of Docker containers
☆18Updated 2 years ago
Alternatives and similar repositories for volatility-docker
Users that are interested in volatility-docker are comparing it to the libraries listed below
Sorting:
- Data visualization for blue teams☆126Updated 3 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆66Updated 3 years ago
- Linux Evidence Acquisition Framework☆119Updated last year
- ☆44Updated 6 months ago
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API☆59Updated 10 months ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆67Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Updated 3 years ago
- Harvest Linux forensic data for operational triage of an event.☆51Updated 2 months ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Updated 4 years ago
- Reads and prints information from the website MalAPI.io☆39Updated 4 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Updated 2 months ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆105Updated 3 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆134Updated 4 years ago
- Security Content for the PEAK Threat Hunting Framework☆40Updated last year
- Carbon Black Response IR tool☆55Updated 5 years ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆42Updated 3 weeks ago
- A home for detection content developed by the delivr.to team☆73Updated 6 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆108Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆75Updated 4 years ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing☆41Updated last week
- Forensic Artifact Collection Tool Matrix☆92Updated last year
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆79Updated 2 weeks ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆128Updated 10 months ago
- TAPIR is a multi-user, client/server, incident response framework☆47Updated 3 years ago
- Active C2 IoCs☆99Updated 3 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆52Updated 2 years ago
- Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.☆61Updated 4 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆150Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated 2 years ago