Alternatives and similar repositories for dfrws2018-challenge:

Users that are interested in dfrws2018-challenge are comparing it to the libraries listed below

• lancemueller / EnCase-EnScripts
  General repository for compiled and uncompiled EnCase EnScripts
  ☆47Updated 3 years ago
• sapphirex00 / Threat-Hunting
  Personal compilation of APT malware from whitepaper releases, documents and own research
  ☆257Updated 5 years ago
• matonis / page_brute
  Page File analysis tools.
  ☆124Updated 9 years ago
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 4 years ago
• SparkITSolutions / phoenix
  Cuckoo Sandbox is an automated dynamic malware analysis system
  ☆106Updated 4 years ago
• bartblaze / MaTiRe
  Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
  ☆82Updated 4 years ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆193Updated 4 years ago
• PoorBillionaire / Windows-Prefetch-Parser
  Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
  ☆114Updated 7 months ago
• Xumeiquer / yara-forensics
  Set of Yara rules for finding files using magics headers
  ☆134Updated 4 years ago
• 504ensicsLabs / DAMM
  Differential Analysis of Malware in Memory
  ☆212Updated 7 years ago
• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆124Updated 8 months ago
• SCILabsMX / yaraZeekAlert
  This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…
  ☆61Updated last year
• sdckey / EnScript-Samples
  This repository is a collection of EnScript code samples for use in the OpenText EnCase application.
  ☆53Updated 2 weeks ago
• JPCERTCC / DetectLM
  Detecting Lateral Movement with Machine Learning
  ☆137Updated 7 years ago
• MAECProject / malware-behaviors
  A taxonomy and dictionary of malware behaviors.
  ☆42Updated 5 years ago
• tomchop / volatility-autoruns
  Autoruns plugin for the Volatility framework
  ☆119Updated 5 years ago
• unixfreaxjp / malwaremustdie
  repository of tools & resources of the MMD team
  ☆131Updated 2 years ago
• daveherrald / botsv1
  Splunk Boss of the SOC v1 data set.
  ☆111Updated 6 years ago
• rastrea2r / rastrea2r
  Collecting & Hunting for IOCs with gusto and style
  ☆236Updated 3 years ago
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆131Updated 2 years ago
• msuhanov / yarp
  Yet another registry parser
  ☆130Updated 2 years ago
• AJMartel / IRTriage
  Incident Response Triage - Windows Evidence Collection for Forensic Analysis
  ☆130Updated 8 years ago
• 0x4D31 / deception-as-detection
  Deception based detection techniques mapped to the MITRE’s ATT&CK framework
  ☆288Updated 7 years ago
• marcurdy / dfir-toolset
  Dump of organized knowledge on DFIR
  ☆132Updated 3 years ago
• tomchop / unxor
  unXOR will search a XORed file and try to guess the key using known-plaintext attacks.
  ☆142Updated 4 years ago
• pan-unit42 / playbook_viewer
  ☆170Updated 6 months ago
• kirk-sayre-work / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆93Updated 2 months ago
• kevthehermit / VolUtility
  Web App for Volatility framework
  ☆380Updated last month
• NVISOsecurity / SEC599
  SEC599 supporting GitHub repository
  ☆16Updated 5 years ago