binalyze / dfir-labLinks
☆10Updated 3 weeks ago
Alternatives and similar repositories for dfir-lab
Users that are interested in dfir-lab are comparing it to the libraries listed below
Sorting:
- ☆21Updated 2 years ago
- enpoint detection / live analysis & sandbox host / signatures quality test☆44Updated 4 years ago
- ☆66Updated 2 years ago
- Malware Checker Tool generates an HTML report by comparing Hashes, Ip Addresses and URL Addresses through the VirusTotal database.☆36Updated 3 years ago
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆73Updated last month
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- Sigma Engine implementation in TypeScript☆28Updated 2 years ago
- ATLAS - Malware Analysis Description☆21Updated 2 years ago
- my MSTICpy practice and custom tools repository☆11Updated 4 months ago
- Linux Baseline and Forensic Triage Tool - BETA☆57Updated 2 years ago
- Initial triage of Windows Event logs☆102Updated last year
- Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.☆27Updated 2 years ago
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆18Updated 3 years ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆39Updated last year
- A home for detection content developed by the delivr.to team☆70Updated 3 weeks ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆78Updated 4 years ago
- Hive v5 file decryption algorithm☆34Updated 2 years ago
- Library of threat hunts to get any user started!☆45Updated 4 years ago
- Detection rule validation☆41Updated last year
- CarbonBlack EDR detection rules and response actions☆71Updated 11 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆54Updated 8 months ago
- A ransomware group monitoring bot written in C#.☆57Updated 3 years ago
- Hunt for SQLite files used by various applications☆26Updated 3 weeks ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆71Updated 2 months ago
- Script to automate Linux live evidence collection☆27Updated 3 years ago
- Threat Hunt Investigation Methodology and Procedure☆15Updated 3 years ago
- Quick ESXi Log Parser☆24Updated last week