Alternatives and similar repositories for dfir-lab

Users that are interested in dfir-lab are comparing it to the libraries listed below

• AhmetPayaslioglu / YaraRules
  ☆21Updated 2 years ago
• 4n6Engineer / MalwareChecker
  Malware Checker Tool generates an HTML report by comparing Hashes, Ip Addresses and URL Addresses through the VirusTotal database.
  ☆36Updated 3 years ago
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 2 months ago
• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated 2 years ago
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆69Updated 2 years ago
• oz9un / log-slapper
  log-slapper is an open-source offensive security tool designed for red-team operations as the post-exploit module and assessing your Splu…
  ☆24Updated last year
• binalyze / tigma
  Sigma Engine implementation in TypeScript
  ☆28Updated 2 years ago
• paramint / AD-Attack-Defense
  ☆13Updated 2 years ago
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆78Updated 4 years ago
• Velocidex / SQLiteHunter
  Hunt for SQLite files used by various applications
  ☆26Updated 3 weeks ago
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆48Updated 5 months ago
• joeavanzato / crackdown
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆16Updated last year
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• MalGamy / YARA_Rules
  ☆66Updated 2 years ago
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆114Updated 2 years ago
• 3gbCyber / IR-Last-Write-Time
  Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
  ☆27Updated 2 years ago
• alwashali / detection-validation
  Detection rule validation
  ☆41Updated last year
• archanchoudhury / Threat-Hunting
  This Repository gives the best and possible strategies against hunting the ransomware
  ☆26Updated 3 years ago
• MALWARE-ATLAS / ATLAS
  ATLAS - Malware Analysis Description
  ☆21Updated 2 years ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool
  Linux Baseline and Forensic Triage Tool - BETA
  ☆57Updated 3 years ago
• ADEOSec / Digital-Forensic-Training
  The Chupacabra case study was created by the ADEO dfir team due to the lack of resources and applications in the digital forensics field.…
  ☆22Updated 3 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• Beercow / DFIR_Toolbar
  ☆24Updated 7 months ago
• evild3ad / Get-MiniTimeline
  Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE
  ☆33Updated last year
• gsiddharth29 / Threat-Hunting
  Threat Hunt Investigation Methodology and Procedure
  ☆15Updated 3 years ago
• pr0xylife / Emotet
  IOC Collection 2022
  ☆57Updated 2 years ago
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆62Updated last year
• r00tten / VTI-Cosplay
  Low budget VirusTotal Intelligence Cosplay
  ☆20Updated 3 years ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆102Updated last year