Alternatives and similar repositories for DFIR:

Users that are interested in DFIR are comparing it to the libraries listed below

• Azr43lKn1ght / DFIR-LABS
  DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital For…
  ☆174Updated 3 weeks ago
• MalwareCube / Email-IOC-Extractor
  A Python script for analyzing email files to extract IP addresses, URLs, headers, and attachments, with functionalities for defanging IPs…
  ☆18Updated 4 months ago
• abdulshareef / DFIR-Resources
  Some important DFIR Resources
  ☆83Updated last year
• CyDefOps / project-killchain
  Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, technique…
  ☆100Updated 6 months ago
• dahvidschloss / CRASH
  Completely Risky Active-Directory Simulation Hub
  ☆99Updated last year
• Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-Sheet
  ☆155Updated last year
• CyberSecurityUP / Anti-Forensic-Techniques
  ☆34Updated last month
• vm32 / Digital-Forensics-Script-for-Linux
  Advanced Bash script designed for conducting digital forensics on Linux systems
  ☆138Updated 10 months ago
• joshbrunty / DFIR-Regular-Expressions
  Regular Expressions List used in Digital Forensic Tasks
  ☆82Updated last year
• secure-cake / win-mal-investigations
  Windows Malware Investigation Scripts & Docs
  ☆74Updated 3 months ago
• LOLAPPS-Project / LOLAPPS
  LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.
  ☆179Updated this week
• ine-labs / ThreatSeeker
  ThreatSeeker: Threat Hunting via Windows Event Logs
  ☆118Updated last year
• sheimo / awesome-lolbins-and-beyond
  A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.
  ☆140Updated 3 months ago
• hmaverickadams / autoNTDS
  autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat
  ☆109Updated last year
• Neo23x0 / YARA-Style-Guide
  A specification and style guide for YARA rules
  ☆45Updated last year
• BushidoUK / Ransomware-Vulnerability-Matrix
  A collection of CVEs weaponized by ransomware operators
  ☆104Updated last month
• LetsDefend / incident-response-playbooks
  ☆165Updated 11 months ago
• 0xrajneesh / Incident-Response-Projects-for-Beginners
  Hands-on cybersecurity projects to enhance skills in phishing investigation, malware analysis, network intrusion detection, and DDoS atta…
  ☆110Updated 8 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆151Updated 9 months ago
• Hacker-Hermanos / Knowledge-Management-for-Offensive-Security-Professionals
  Knowledge Management for Offensive Security Professionals Official Repository
  ☆134Updated last month
• adanalvarez / AWS-malware-lab
  Creation of a laboratory for malware analysis in AWS
  ☆93Updated 2 years ago
• EfstratiosLontzetidis / pythia
  Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn…
  ☆31Updated 6 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆118Updated 10 months ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 5 months ago
• TLP-R3D / R3D-SSH-Hunter
  R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker
  ☆12Updated 3 months ago
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆68Updated last month
• CyberSecurityUP / Malware-Analysis-Exercises
  ☆36Updated last month
• MalBeacon / what-is-this-stealer
  A repository of credential stealer formats
  ☆193Updated 3 weeks ago