cisagov / CHIRP
A DFIR tool written in Python.
☆1,046 Updated 3 years ago
Alternatives and similar repositories for CHIRP:
Users who are interested in CHIRP are comparing it to the libraries listed below:
- Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi… ☆1,256 Updated last year
- ☆560 Updated last year
- An experimentation and research platform to investigate the interaction of automated agents in an abstract simulated network environments… ☆1,691 Updated 3 weeks ago
- GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly] ☆1,443 Updated 8 months ago
- Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en… ☆1,416 Updated 2 years ago
- Defences against Cobalt Strike ☆1,282 Updated 2 years ago
- IntelOwl: manage your Threat Intelligence at scale ☆4,077 Updated this week
- A Simple Ransomware Vaccine ☆958 Updated last year
- Collect information of Windows PC when doing incident response ☆252 Updated last year
- Tracking interesting Linux (and UNIX) malware. Send PRs ☆1,170 Updated last month
- Understand adversary tradecraft and improve detection strategies ☆707 Updated 2 years ago
- SunBurst DGA Decode Script ☆207 Updated 4 years ago
- CrackQ: A Python Hashcat cracking queue system ☆932 Updated 6 months ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection… ☆844 Updated 3 years ago
- SolarWinds Orion Account Audit / Password Dumping Utility ☆352 Updated last year
- Red Team K8S Adversary Emulation Based on kubectl ☆817 Updated 3 years ago
- Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for… ☆921 Updated last year
- Storage Explorer - Publicly open storage viewer (Amazon S3 Bucket, Azure Blob, FTP server, HTTP Index Of/) ☆442 Updated last year
- Tools for hunting for threats. ☆579 Updated 5 months ago
- Collaborative Incident Response platform ☆1,164 Updated this week
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,079 Updated last week
- Microsoft Threat Intelligence Security Tools ☆1,830 Updated this week
- Attack Surface Management since before Attack Surface Management was a thing ☆639 Updated this week
- Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,... ☆1,066 Updated 6 months ago
- Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. ☆899 Updated this week
- A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365 ☆778 Updated 2 years ago
- ☆318 Updated 3 years ago
- Automated Red Team Infrastructure deployment using Docker ☆1,234 Updated 2 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE ☆792 Updated 10 months ago
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆3,129 Updated 2 months ago