Remotely collect Linux live forensics artifacts.
☆14 Jul 8, 2022 Updated 3 years ago
Alternatives and similar repositories for Remote-Linux-Triage-Collection-using-OSquery
Users that are interested in Remote-Linux-Triage-Collection-using-OSquery are comparing it to the libraries listed below
- Manage Your Large Team of Consultants ☆11 Sep 18, 2025 Updated 6 months ago
- Wrapper for TSK (Sleuth Kit) Bindings ☆12 Jan 10, 2023 Updated 3 years ago
- Parsers for common structures across windows formats. ☆12 Aug 23, 2023 Updated 2 years ago
- Safe Rust API to libesedb ☆12 Sep 10, 2025 Updated 6 months ago
- Python bindings for https://github.com/omerbenamram/evtx/ ☆55 Jan 3, 2026 Updated 2 months ago
- A document tagging library ☆33 Mar 27, 2025 Updated 11 months ago
- Windows file metadata / forensic tool. ☆18 Oct 12, 2025 Updated 5 months ago
- Generic Signature Format for SIEM Systems ☆18 Jul 25, 2023 Updated 2 years ago
- Aralez is a triage tool for Windows and Linux that automates the collection of system information, network/process data, and files. ☆22 Dec 11, 2025 Updated 3 months ago
- Rust crate for accessing keys, values, and data stored in Windows hive (registry) files. ☆52 Jan 21, 2025 Updated last year
- ☆23 Oct 9, 2024 Updated last year
- ☆17 May 5, 2022 Updated 3 years ago
- Information and code for chapter 15 of Sails.js IN ACTION ☆16 Jan 16, 2017 Updated 9 years ago
- A tool to run and validate telemetry for Atomic Red Team tests ☆16 Mar 21, 2024 Updated last year
- GDB cheatsheet for reversing binaries ☆21 Jan 25, 2019 Updated 7 years ago
- Osquery Packs we use for customer security hardening ☆12 Jun 30, 2025 Updated 8 months ago
- Memory Scanner ☆65 Sep 9, 2022 Updated 3 years ago
- A tool to abuse Exchange services ☆12 Mar 18, 2024 Updated 2 years ago
- A golang DNS monitor inspired by https://github.com/gamelinux/passivedns ☆30 Aug 13, 2025 Updated 7 months ago
- Execute embedded Mimikatz ☆13 Nov 24, 2021 Updated 4 years ago
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool. ☆29 Sep 29, 2025 Updated 5 months ago
- Windows Thingies... but in Rust ☆23 Nov 12, 2022 Updated 3 years ago
- Grey-box fuzzer SIVO ☆13 Jul 11, 2021 Updated 4 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper. ☆118 Nov 28, 2023 Updated 2 years ago
- Small enough to carry on your back (Backpack) 🎒💻 ☆32 Jun 3, 2023 Updated 2 years ago
- TN3270 MitM proxy and so much more ☆14 Jun 4, 2018 Updated 7 years ago
- ☆14 Jul 15, 2022 Updated 3 years ago
- This repository contains generated contextual data utilized by pyattck. ☆19 Mar 3, 2025 Updated last year
- The C4 Concurrent C Fuzzer ☆14 Nov 2, 2023 Updated 2 years ago
- View dashboards and reports across all of your Kubernetes clusters using Powerpipe and Steampipe. ☆29 Aug 14, 2025 Updated 7 months ago
- Automated testing, generation & manipulation of #osquery packs ☆74 Oct 16, 2024 Updated last year
- Mattermost - Shodan Slash command ☆31 Jan 25, 2017 Updated 9 years ago
- event shipper for Carbon Black Defense notifications ☆10 Feb 25, 2023 Updated 3 years ago
- A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox ☆11 Apr 3, 2016 Updated 9 years ago
- Providing timelines based on OSINT Reports ☆31 Jun 21, 2023 Updated 2 years ago
- Automatically exported from code.google.com/p/mac-osx-forensics ☆28 Jan 12, 2016 Updated 10 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry. ☆10 Jan 14, 2021 Updated 5 years ago
- Mac osx forensics tools ☆12 Nov 28, 2020 Updated 5 years ago
- Zeek package to detect Zerologon ☆11 Nov 10, 2021 Updated 4 years ago