Alternatives and similar repositories for dfir-lab

Users that are interested in dfir-lab are comparing it to the libraries listed below

• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated 2 years ago
• binalyze / tigma
  Sigma Engine implementation in TypeScript
  ☆28Updated 2 years ago
• AhmetPayaslioglu / YaraRules
  ☆22Updated 2 years ago
• 4n6Engineer / MalwareChecker
  Malware Checker Tool generates an HTML report by comparing Hashes, Ip Addresses and URL Addresses through the VirusTotal database.
  ☆36Updated 3 years ago
• ADEOSec / Digital-Forensic-Training
  The Chupacabra case study was created by the ADEO dfir team due to the lack of resources and applications in the digital forensics field.…
  ☆23Updated 3 years ago
• MalGamy / YARA_Rules
  ☆66Updated 3 years ago
• kdrypr / CTI-Feed-Collector
  Open Source Cyber Threat Intelligence Feed Collector
  ☆17Updated 4 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆78Updated this week
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool
  Linux Baseline and Forensic Triage Tool - BETA
  ☆57Updated 3 years ago
• Tatsuya-hasegawa / MSTICPy_utils
  my MSTICpy practice and custom tools repository
  ☆11Updated 9 months ago
• tsale / Threat-Intelligence-Playbooks
  High-level Threat Intelligence playbooks
  ☆20Updated 4 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆48Updated 5 years ago
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Updated 2 years ago
• Beercow / DFIR_Toolbar
  ☆28Updated 3 months ago
• 3gbCyber / IR-Last-Write-Time
  Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
  ☆27Updated 3 years ago
• AbdulRhmanAlfaifi / Rhaegal
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆42Updated 2 years ago
• Dead-Simple-Scripts / AutoLLR
  Script to automate Linux live evidence collection
  ☆28Updated 3 years ago
• r00tten / VTI-Cosplay
  Low budget VirusTotal Intelligence Cosplay
  ☆20Updated 4 years ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆73Updated 5 months ago
• svch0stz / velociraptor-detections
  ☆22Updated 3 years ago
• oz9un / log-slapper
  log-slapper is an open-source offensive security tool designed for red-team operations as the post-exploit module and assessing your Splu…
  ☆24Updated last year
• CyberDefend3r / PowerShell-Deobfuscation-Exercise
  An exercise to practice deobfuscating PowerShell Scripts.
  ☆26Updated 2 years ago
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆90Updated 2 months ago
• motionDetector / ForensicTools
  Analysis or research tools for digital forensics
  ☆10Updated 4 years ago
• MALWARE-ATLAS / ATLAS
  ATLAS - Malware Analysis Description
  ☆21Updated 2 years ago
• hpthreatresearch / tools
  Scripts and tools accompanying HP Threat Research blog posts and reports.
  ☆50Updated last year
• The-DFIR-Report / Suricata-Rules
  ☆11Updated 2 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 3 years ago