att / docker-forensicsLinks
Tools to assist in forensicating docker
☆83Updated 2 months ago
Alternatives and similar repositories for docker-forensics
Users that are interested in docker-forensics are comparing it to the libraries listed below
Sorting:
- misp-cloud - Cloud-ready images of MISP☆72Updated 2 years ago
- A collection of typical false positive indicators☆55Updated 4 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Updated 8 years ago
- A rewrite of mactime, a bodyfile reader☆37Updated 9 months ago
- Expert Investigation Guides☆51Updated 4 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Invoke-LiveResponse☆148Updated 3 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- ☆49Updated 4 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- Volatility plugins created by the author☆44Updated 9 years ago
- Volatility plugins developed and maintained by the community☆21Updated 8 months ago
- 1-Click push forensics evidence to the cloud☆141Updated 11 months ago
- A community event for security researchers to share their favorite notebooks☆107Updated last year
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆109Updated 7 years ago
- An ELK environment containing interesting security datasets.☆137Updated 5 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆38Updated 2 years ago
- MantaRay Automated Computer Forensic Triage Tool☆64Updated 6 years ago
- Specifications used in the MISP project including MISP core format☆51Updated 4 months ago
- stoQ Public Plugins☆71Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆53Updated 2 years ago
- Salt States for Configuring the SIFT Workstation☆103Updated 3 weeks ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆87Updated 3 years ago
- Zeek Auxiliary Programs☆28Updated 3 weeks ago
- Simple yara rule manager☆66Updated 2 years ago
- Recon Hunt Queries☆77Updated 4 years ago
- Different DFIR and CTI utilities☆37Updated 5 years ago
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago