att / docker-forensicsLinks
Tools to assist in forensicating docker
☆84Updated 5 months ago
Alternatives and similar repositories for docker-forensics
Users that are interested in docker-forensics are comparing it to the libraries listed below
Sorting:
- 1-Click push forensics evidence to the cloud☆141Updated last year
- Checks with NSRL RDS servers looking for for hash matches☆114Updated 4 years ago
- Salt States for Configuring the SIFT Workstation☆104Updated 2 weeks ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆109Updated 7 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆88Updated 6 years ago
- misp-cloud - Cloud-ready images of MISP☆73Updated 2 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Updated 8 years ago
- MantaRay Automated Computer Forensic Triage Tool☆64Updated 6 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Alienvault OTX TAXII connector☆56Updated 8 years ago
- automate your MISP installs☆68Updated 5 years ago
- References for FIRST CTI 2019 Symposium presentation☆22Updated 6 years ago
- ☆34Updated 4 years ago
- Digital Forensic Investigative Scripts☆83Updated this week
- Security Onion Elastic Stack☆46Updated 4 years ago
- A rewrite of mactime, a bodyfile reader☆40Updated last year
- Specifications used in the MISP project including MISP core format☆51Updated last month
- ☆83Updated 2 years ago
- Expert Investigation Guides☆52Updated 4 years ago
- InvestigationPlaybookSpec☆73Updated 7 years ago
- Build Automated Machine Images for MISP☆28Updated 2 years ago
- A collection of typical false positive indicators☆55Updated 4 years ago
- Different tools, koen.vanimpe@cudeso.be☆136Updated 2 weeks ago
- Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers☆91Updated 7 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 4 years ago
- Deploy MISP Project software with Vagrant.☆43Updated 5 years ago
- Python Forensic and Log Analysis GUI☆26Updated 10 years ago
- An ELK environment containing interesting security datasets.☆137Updated 5 years ago
- A modern Python-3-based alternative to RegRipper☆196Updated 4 months ago
- Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs☆93Updated 4 years ago