Scripts to integrate DFIR-IRIS, MISP and TimeSketch
☆36 · Feb 2, 2022 · Updated 4 years ago
Alternatives and similar repositories for dfir-iris-misp-timesketch
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos… ☆33 · Mar 9, 2022 · Updated 4 years ago
- CSIRT Jump Bag ☆27 · Apr 25, 2024 · Updated last year
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. ☆120 · Oct 8, 2023 · Updated 2 years ago
- Mass Triage Tools ☆20 · Mar 10, 2026 · Updated 2 weeks ago
- macOS Artifact Intelligence Tool ☆13 · Apr 30, 2019 · Updated 6 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR. ☆63 · May 30, 2025 · Updated 9 months ago
- Different tools, koen.vanimpe@cudeso.be ☆137 · Jul 21, 2025 · Updated 8 months ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems. ☆133 · Jan 31, 2022 · Updated 4 years ago
- ☆33 · Feb 26, 2022 · Updated 4 years ago
- A suite of Volatility 3 plugins for memory forensics of Docker containers ☆18 · Jan 10, 2024 · Updated 2 years ago
- Python client for DFIR-IRIS ☆25 · Aug 19, 2024 · Updated last year
- Sigma rules converted for direct use with Zircolite ☆14 · Updated this week
- Volatility plugin to search for all Autostart Extensibility Points (AESPs) ☆10 · May 16, 2024 · Updated last year
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility ☆38 · Jul 18, 2024 · Updated last year
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream ☆12 · Oct 29, 2020 · Updated 5 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. ☆158 · Nov 30, 2021 · Updated 4 years ago
- A script to assist in processing forensic RAM captures for malware triage ☆26 · Feb 4, 2021 · Updated 5 years ago
- ☆33 · Oct 25, 2021 · Updated 4 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables. ☆117 · Jan 26, 2022 · Updated 4 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. ☆75 · Jan 18, 2022 · Updated 4 years ago
- Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance. ☆15 · May 12, 2023 · Updated 2 years ago
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises. ☆31 · Jan 9, 2025 · Updated last year
- shell script to create an image and perform initial examination on a drive ☆15 · Feb 28, 2020 · Updated 6 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and… ☆11 · Jun 19, 2025 · Updated 9 months ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 9 months ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a… ☆21 · Oct 25, 2023 · Updated 2 years ago
- Presentation Slides and Resources ☆16 · Jun 12, 2024 · Updated last year
- MasterParser is a simple, all-in-one, digital forensics artifact parser ☆24 · Jul 9, 2021 · Updated 4 years ago
- A repository of DFIR-related Mind Maps geared towards the visual learners! ☆549 · Sep 2, 2022 · Updated 3 years ago
- CocktailParty is a data broker system based on phoenix framework ☆23 · Apr 23, 2025 · Updated 11 months ago
- The Volatility Collaborative GUI ☆265 · Feb 11, 2026 · Updated last month
- Lua plugin to extract data from Wireshark and convert it into MISP format ☆49 · Oct 23, 2023 · Updated 2 years ago
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 2 years ago
- A python script developed to process Windows memory images based on triage type. ☆266 · Nov 25, 2023 · Updated 2 years ago
- PowerShell module for Office 365 and Azure log collection ☆280 · Sep 22, 2025 · Updated 6 months ago
- A Modular MWDB Utility to Collect Fresh Malware Samples ☆34 · May 17, 2021 · Updated 4 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents. ☆27 · Dec 14, 2021 · Updated 4 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting ☆23 · Oct 26, 2019 · Updated 6 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep" ☆209 · Sep 15, 2021 · Updated 4 years ago