cudeso / dfir-iris-misp-timesketchView external linksLinks
Scripts to integrate DFIR-IRIS, MISP and TimeSketch
☆34Feb 2, 2022Updated 4 years ago
Alternatives and similar repositories for dfir-iris-misp-timesketch
Users that are interested in dfir-iris-misp-timesketch are comparing it to the libraries listed below
Sorting:
- CSIRT Jump Bag☆27Apr 25, 2024Updated last year
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆117Oct 8, 2023Updated 2 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆32Mar 9, 2022Updated 3 years ago
- Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance.☆15May 12, 2023Updated 2 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆63May 30, 2025Updated 8 months ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.☆30Jan 9, 2025Updated last year
- A suite of Volatility 3 plugins for memory forensics of Docker containers☆18Jan 10, 2024Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆75Jan 18, 2022Updated 4 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34May 17, 2021Updated 4 years ago
- ☆33Feb 26, 2022Updated 3 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆134Jan 31, 2022Updated 4 years ago
- Mass Triage Tools☆20Dec 16, 2025Updated 2 months ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Oct 25, 2023Updated 2 years ago
- ☆33Oct 25, 2021Updated 4 years ago
- Incident Notification Platform by @NC3-LU☆11Updated this week
- Different tools, koen.vanimpe@cudeso.be☆136Jul 21, 2025Updated 6 months ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆117Jan 26, 2022Updated 4 years ago
- Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows team-to-team collaboration, and contains …☆10Oct 17, 2023Updated 2 years ago
- The Volatility Collaborative GUI☆265Updated this week
- ☆24Mar 12, 2025Updated 11 months ago
- Lua plugin to extract data from Wireshark and convert it into MISP format☆49Oct 23, 2023Updated 2 years ago
- ☆23Jun 1, 2023Updated 2 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆24Jul 9, 2021Updated 4 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…☆11Jun 19, 2025Updated 7 months ago
- Volatility plugin to search for all Autostart Extensibility Points (AESPs)☆10May 16, 2024Updated last year
- Jupyter Notebooks for Digital Forensics & Incident Response☆10Nov 23, 2021Updated 4 years ago
- Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research☆12Jan 19, 2024Updated 2 years ago
- ☆42Sep 16, 2022Updated 3 years ago
- A libre software which is providing a backend architecture for collecting data from probes and storing proof of checks.☆11Jan 16, 2026Updated last month
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Dec 14, 2021Updated 4 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- A python script developed to process Windows memory images based on triage type.☆264Nov 25, 2023Updated 2 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 7 months ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆12Oct 29, 2020Updated 5 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- Data orchestration and management.☆10Aug 4, 2025Updated 6 months ago
- A privacy-aware exchange module to securely and privately share your indicators☆14Aug 23, 2017Updated 8 years ago