certsocietegenerale / rAIdline
IR drill platform
☆18 · Updated 3 weeks ago
Alternatives and similar repositories for rAIdline:
Users that are interested in rAIdline are comparing it to the libraries listed below
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (☆33 · Updated 5 months ago)
- A preconfigured Velociraptor triage collector (☆51 · Updated this week)
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file (☆84 · Updated 2 months ago)
- CarbonBlack EDR detection rules and response actions (☆71 · Updated 7 months ago)
- Convert Sigma rules to SIEM queries, directly in your browser. (☆74 · Updated this week)
- The core backend server handling API requests and task management (☆38 · Updated 2 weeks ago)
- Sigma detection rules for hunting with the threathunting-keywords project (☆55 · Updated last month)
- A high-speed forensic timeline creation tool for DFIR Investigators to quickly combine CSV files from EZ Tools/Kape, Axiom, Hayabusa, Cha… (☆42 · Updated this week)
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates… (☆63 · Updated 3 weeks ago)
- Tools and scripts to deploy and manage OpenRelik instances (☆13 · Updated 2 months ago)
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… (☆21 · Updated 8 months ago)
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. (☆51 · Updated 6 months ago)
- A repository to share publicly available Velociraptor detection content (☆156 · Updated this week)
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients. (☆17 · Updated last week)
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners (☆87 · Updated 5 months ago)
- (no description) (☆21 · Updated 2 months ago)
- Detection Engineering with YARA (☆87 · Updated last year)
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. (☆90 · Updated 2 weeks ago)
- Quick ESXi Log Parser (☆19 · Updated 3 months ago)
- USN Journal full path builder (☆59 · Updated 7 months ago)
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs. (☆62 · Updated this week)
- Finding ClickFix and FakeCAPTCHA like it's 1999 (☆14 · Updated this week)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (☆122 · Updated last year)
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos… (☆30 · Updated 3 years ago)
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu… (☆52 · Updated last year)
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. (☆154 · Updated 2 weeks ago)
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations (☆86 · Updated 8 months ago)
- A collection of various SIEM rules relating to malware family groups. (☆66 · Updated 10 months ago)
- A specification and style guide for YARA rules (☆48 · Updated last year)
- A home for detection content developed by the delivr.to team (☆68 · Updated 2 months ago)