Alternatives and similar repositories for dfir-lab

Users that are interested in dfir-lab are comparing it to the libraries listed below

• AhmetPayaslioglu / YaraRules
  ☆21Updated 2 years ago
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• MalGamy / YARA_Rules
  ☆66Updated 2 years ago
• 4n6Engineer / MalwareChecker
  Malware Checker Tool generates an HTML report by comparing Hashes, Ip Addresses and URL Addresses through the VirusTotal database.
  ☆36Updated 3 years ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated last month
• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated last year
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆69Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆97Updated 2 years ago
• binalyze / tigma
  Sigma Engine implementation in TypeScript
  ☆28Updated 2 years ago
• MALWARE-ATLAS / ATLAS
  ATLAS - Malware Analysis Description
  ☆21Updated 2 years ago
• Tatsuya-hasegawa / MSTICPy_utils
  my MSTICpy practice and custom tools repository
  ☆11Updated 4 months ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool
  Linux Baseline and Forensic Triage Tool - BETA
  ☆57Updated 2 years ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆102Updated last year
• 3gbCyber / IR-Last-Write-Time
  Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
  ☆27Updated 2 years ago
• ppt0 / easyhunting
  Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way
  ☆18Updated 3 years ago
• op7ic / Cloud-Investigate
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆39Updated last year
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆70Updated 3 weeks ago
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆78Updated 4 years ago
• reecdeep / HiveV5_file_decryptor
  Hive v5 file decryption algorithm
  ☆34Updated 2 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆45Updated 4 years ago
• alwashali / detection-validation
  Detection rule validation
  ☆41Updated last year
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 11 months ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆54Updated 8 months ago
• soufianetahiri / RansomwareMonitor
  A ransomware group monitoring bot written in C#.
  ☆57Updated 3 years ago
• Velocidex / SQLiteHunter
  Hunt for SQLite files used by various applications
  ☆26Updated 3 weeks ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆71Updated 2 months ago
• Dead-Simple-Scripts / AutoLLR
  Script to automate Linux live evidence collection
  ☆27Updated 3 years ago
• gsiddharth29 / Threat-Hunting
  Threat Hunt Investigation Methodology and Procedure
  ☆15Updated 3 years ago
• strozfriedberg / QELP
  Quick ESXi Log Parser
  ☆24Updated last week