Alternatives and similar repositories for dfir-lab

Users that are interested in dfir-lab are comparing it to the libraries listed below

• AhmetPayaslioglu / YaraRules
  ☆21Updated 2 years ago
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• 4n6Engineer / MalwareChecker
  Malware Checker Tool generates an HTML report by comparing Hashes, Ip Addresses and URL Addresses through the VirusTotal database.
  ☆36Updated 3 years ago
• binalyze / tigma
  Sigma Engine implementation in TypeScript
  ☆28Updated 2 years ago
• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated last year
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 7 months ago
• kdrypr / CTI-Feed-Collector
  Open Source Cyber Threat Intelligence Feed Collector
  ☆17Updated 3 years ago
• r00tten / VTI-Cosplay
  Low budget VirusTotal Intelligence Cosplay
  ☆20Updated 3 years ago
• trapmine / trapmine-linux-sensor
  An ebpf based agent for monitoring security relevant events on Linux systems.
  ☆32Updated last year
• MALWARE-ATLAS / ATLAS
  ATLAS - Malware Analysis Description
  ☆21Updated 2 years ago
• archanchoudhury / Threat-Hunting
  This Repository gives the best and possible strategies against hunting the ransomware
  ☆26Updated 2 years ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool
  Linux Baseline and Forensic Triage Tool - BETA
  ☆55Updated 2 years ago
• paramint / AD-Attack-Defense
  ☆12Updated 2 years ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆43Updated 3 years ago
• Tatsuya-hasegawa / MSTICPy_utils
  my MSTICpy practice and custom tools repository
  ☆11Updated 2 months ago
• hpthreatresearch / tools
  Scripts and tools accompanying HP Threat Research blog posts and reports.
  ☆50Updated last year
• gsiddharth29 / Threat-Hunting
  Threat Hunt Investigation Methodology and Procedure
  ☆15Updated 3 years ago
• oz9un / log-slapper
  log-slapper is an open-source offensive security tool designed for red-team operations as the post-exploit module and assessing your Splu…
  ☆24Updated 10 months ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆101Updated last year
• alwashali / detection-validation
  Detection rule validation
  ☆41Updated last year
• mustgundogdu / PentestUI
  Active Directory Penetration Testing Tool
  ☆28Updated 3 years ago
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆61Updated last year
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆77Updated 2 years ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆69Updated last month
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆95Updated 2 years ago
• joeavanzato / crackdown
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆15Updated last year
• stvemillertime / Cerebro
  Scripts and lists to help generate YARA friendly string mutations
  ☆21Updated 2 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆55Updated 4 months ago
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆59Updated last year
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆79Updated 2 months ago