Alternatives and similar repositories for dfir-lab

Users that are interested in dfir-lab are comparing it to the libraries listed below

• binalyze / tigma
  Sigma Engine implementation in TypeScript
  ☆28Updated 2 years ago
• AhmetPayaslioglu / YaraRules
  ☆21Updated 2 years ago
• 4n6Engineer / MalwareChecker
  Malware Checker Tool generates an HTML report by comparing Hashes, Ip Addresses and URL Addresses through the VirusTotal database.
  ☆36Updated 3 years ago
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• r00tten / VTI-Cosplay
  Low budget VirusTotal Intelligence Cosplay
  ☆20Updated 3 years ago
• kdrypr / CTI-Feed-Collector
  Open Source Cyber Threat Intelligence Feed Collector
  ☆16Updated 3 years ago
• paramint / AD-Attack-Defense
  ☆12Updated 2 years ago
• Tatsuya-hasegawa / MSTICPy_utils
  my MSTICpy practice and custom tools repository
  ☆11Updated 2 months ago
• 3gbCyber / IR-Last-Write-Time
  Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
  ☆27Updated 2 years ago
• oz9un / log-slapper
  log-slapper is an open-source offensive security tool designed for red-team operations as the post-exploit module and assessing your Splu…
  ☆24Updated 9 months ago
• RegSeek / regseek.github.io
  Vault of Windows Registry forensic artifacts
  ☆18Updated last week
• hpthreatresearch / tools
  Scripts and tools accompanying HP Threat Research blog posts and reports.
  ☆50Updated last year
• riza / wb
  Quickly fetches files from Wayback Machine.
  ☆77Updated last year
• SecTest-Innovera / Malware-Analysis
  Malware Analysis (Zararlı Yazılım Analizi)
  ☆31Updated 5 years ago
• MALWARE-ATLAS / ATLAS
  ATLAS - Malware Analysis Description
  ☆21Updated 2 years ago
• reecdeep / HiveV5_file_decryptor
  Hive v5 file decryption algorithm
  ☆34Updated 2 years ago
• Velocidex / SQLiteHunter
  Hunt for SQLite files used by various applications
  ☆26Updated last month
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 7 months ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆43Updated 3 years ago
• svch0stz / velociraptor-detections
  ☆22Updated 2 years ago
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆53Updated 4 years ago
• strozfriedberg / qelp
  Quick ESXi Log Parser
  ☆21Updated 5 months ago
• MalGamy / YARA_Rules
  ☆66Updated 2 years ago
• gajos112 / SRUM-Timeliner
  ☆10Updated last year
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆59Updated last year
• caliskanfurkan / awesome-security-analytics
  A repo for security analytics & threat hunting resources
  ☆21Updated 6 years ago
• ppt0 / easyhunting
  Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way
  ☆18Updated 3 years ago
• alwashali / detection-validation
  Detection rule validation
  ☆41Updated last year
• ChistaDev / Chista
  Chista | Open Threat Intelligence Framework
  ☆58Updated last year
• stvemillertime / Cerebro
  Scripts and lists to help generate YARA friendly string mutations
  ☆21Updated 2 years ago