dfir-iris / iris-clientLinks
Python client for DFIR-IRIS
☆21Updated 10 months ago
Alternatives and similar repositories for iris-client
Users that are interested in iris-client are comparing it to the libraries listed below
Sorting:
- ☆8Updated 8 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆110Updated last year
- Repository of public reference frameworks for the DFIR community.☆116Updated 2 years ago
- Incident Response documents and tooling☆74Updated last year
- ☆51Updated last year
- Jupyter notebooks for threat hunting☆57Updated 3 months ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆32Updated 3 years ago
- Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection…☆18Updated last year
- A repository of my own Sigma detection rules.☆159Updated 10 months ago
- Collection of scripts provided for public use☆34Updated 2 months ago
- ☆68Updated 7 months ago
- A python script developed to process Windows memory images based on triage type.☆263Updated last year
- An opensource sigma conversion tool built using pysigma☆131Updated last month
- A repository to share publicly available Velociraptor detection content☆184Updated this week
- A curated list of KAPE-related resources☆169Updated 2 months ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆39Updated last month
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 3 years ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆164Updated last year
- Script to automate Linux live evidence collection☆27Updated 2 years ago
- Random notes collected on the intertubes relating to DFIR☆34Updated 2 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- Docker image for Velocidex Velociraptor☆129Updated 4 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆57Updated 3 weeks ago
- Detection Engineering with YARA☆87Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆122Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆85Updated 5 months ago
- ☆88Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆96Updated 2 years ago
- Remote access and Antivirus Logging Database☆42Updated last year