cado-security/AWS_EKS_Cluster_Forensics external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cado-security/AWS_EKS_Cluster_Forensics

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cado-security/AWS_EKS_Cluster_Forensics)

Close

cado-security / AWS_EKS_Cluster_ForensicsView on GitHubMore

• External links
• Readme badge

AWS EKS Cluster Forensics

☆23Aug 16, 2021Updated 4 years ago

Alternatives and similar repositories for AWS_EKS_Cluster_Forensics

Users that are interested in AWS_EKS_Cluster_Forensics are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• cado-security / CloudAndContainerCompromiseSimulator

  View on GitHub
  Simulates a compromise in a cloud and container environment
  ☆34Dec 18, 2024Updated last year
• RANDCorporation / DFORC2

  View on GitHub
  DFORC2 is a cloud-based digital forensics platform, developed at the RAND Corporation and backed by Autopsy and The Sleuth Kit. This repo…
  ☆13Jul 9, 2020Updated 5 years ago
• airbus-cert / timeliner

  View on GitHub
  A rewrite of mactime, a bodyfile reader
  ☆40Aug 5, 2024Updated last year
• zeflow / Sigma2SplunkAlert

  View on GitHub
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆12Jul 1, 2021Updated 4 years ago
• mandiant / win10_auto

  View on GitHub
  ☆24Aug 30, 2019Updated 6 years ago
• kidcrash22 / Sysmon-Threat-Intel

  View on GitHub
  ☆13Feb 6, 2018Updated 8 years ago
• Aldenar / salt-malware-sources

  View on GitHub
  Source files found after a recent hack of one of my machines, showing how the infection spreads itself and what it does, useful for analy…
  ☆13May 4, 2020Updated 5 years ago
• mandiant / DFUR-Splunk-App

  View on GitHub
  The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.
  ☆13Sep 9, 2020Updated 5 years ago
• Silv3rHorn / ArtifactExtractor

  View on GitHub
  Extract common Windows artifacts from source images and VSCs
  ☆65May 10, 2021Updated 4 years ago
• Tatsuya-hasegawa / MSTICPy_utils

  View on GitHub
  my MSTICpy practice and custom tools repository
  ☆11Apr 23, 2025Updated 11 months ago
• mandiant / vbScript_deobfuscator

  View on GitHub
  Help deobfuscate VBScript
  ☆18Jul 1, 2022Updated 3 years ago
• dwmetz / Axiom-PowerShell

  View on GitHub
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆12Aug 26, 2024Updated last year
• comosedice2012 / Introduction-to-Process-Hollowing

  View on GitHub
  ☆19Aug 6, 2021Updated 4 years ago
• plesk / ext-website-virus-check

  View on GitHub
  Check your websites for viruses automatically using multiple anti-virus engines.
  ☆14Nov 7, 2025Updated 4 months ago
• NavyTitanium / Dns-online-filter

  View on GitHub
  Decides if provided domains are safe based on DNS threat blocking providers intelligence. Does not required to have any blocklist.
  ☆15Jan 10, 2018Updated 8 years ago
• brokensound77 / toruk

  View on GitHub
  Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data
  ☆13Jul 16, 2019Updated 6 years ago
• cado-security / rip_raw

  View on GitHub
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆133Jan 31, 2022Updated 4 years ago
• jipegit / IncidentsMindMaps

  View on GitHub
  Cybersecurity Incidents Mind Maps
  ☆34Sep 29, 2021Updated 4 years ago
• certgovaz / MAK

  View on GitHub
  Malware-Analysis-Kit
  ☆14Aug 3, 2015Updated 10 years ago
• forensicmatt / PancakeViewer

  View on GitHub
  A DFVFS Backed Forensic Viewer
  ☆42Apr 13, 2020Updated 5 years ago
• ThreatResponse / threatresponse_web

  View on GitHub
  Web based analysis platform for use with the AWS_IR command line tool.
  ☆17Aug 4, 2016Updated 9 years ago
• dwmetz / PSHero

  View on GitHub
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆37Jul 11, 2023Updated 2 years ago
• stvemillertime / ConventionEngine

  View on GitHub
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆37Mar 15, 2023Updated 3 years ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆12Jan 10, 2023Updated 3 years ago
• stuxnet999 / EventTranscriptParser

  View on GitHub
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Sep 13, 2023Updated 2 years ago
• theaj42 / presentations

  View on GitHub
  ☆17Jan 21, 2026Updated 2 months ago
• omerbenamram / winstructs

  View on GitHub
  Parsers for common structures across windows formats.
  ☆12Aug 23, 2023Updated 2 years ago
• cado-security / DFIR_Resources_REvil_Kaseya

  View on GitHub
  Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack
  ☆180Jul 6, 2021Updated 4 years ago
• khyrenz / parseusbs

  View on GitHub
  Parses USB connection artifacts from offline Registry hives
  ☆107Feb 8, 2026Updated last month
• Recruit-CSIRT / macApfsMounter

  View on GitHub
  A small tool to easily mount APFS image on macOS for forensics.
  ☆16Jul 30, 2020Updated 5 years ago
• S3cur3Th1sSh1t / LDAP-Signing-Scanner

  View on GitHub
  A little scanner to check the LDAP Signing state
  ☆46Aug 2, 2021Updated 4 years ago
• EricZimmerman / USBDevices

  View on GitHub
  Get USB Devices from Registry hives
  ☆22Nov 15, 2021Updated 4 years ago
• yarox24 / evtkit

  View on GitHub
  Fix acquired .evt - Windows Event Log files (Forensics)
  ☆18Mar 29, 2016Updated 9 years ago
• rj-chap / BaselineTraining

  View on GitHub
  Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk
  ☆14Mar 4, 2019Updated 7 years ago
• splunk / attack-detections-collector

  View on GitHub
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆69Mar 17, 2024Updated 2 years ago
• evild3ad / isodump

  View on GitHub
  isodump - ISO dump utility
  ☆41Jun 9, 2019Updated 6 years ago
• swisscom / PowerSponse

  View on GitHub
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆40Mar 18, 2022Updated 4 years ago