dfrws / dfrws2023-challenge
The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically focusing on programmable logic controllers (PLC). This challenge aims to provide deeper insights into ICS network traffic analysis and device memory in a real-world scenario.
☆46Updated 10 months ago
Alternatives and similar repositories for dfrws2023-challenge:
Users that are interested in dfrws2023-challenge are comparing it to the libraries listed below
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 2 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆58Updated last week
- A specification and style guide for YARA rules☆45Updated last year
- Forensic Artifact Collection Tool Matrix☆83Updated 4 months ago
- Volatility3 plugins developed and maintained by the community☆51Updated 2 years ago
- Rules Shared by the Community from 100 Days of YARA 2023☆76Updated last year
- Contains compiled binaries of Volatility☆33Updated 2 months ago
- ☆67Updated 3 months ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆32Updated 4 months ago
- Regexplore is a Volatility plugin designed to mimic the functionality of the Registry Explorer plugins in EZsuite☆17Updated last year
- The core backend server handling API requests and task management☆38Updated 2 weeks ago
- Collection of Volatility2 profiles, generated against Linux kernels.☆36Updated 3 weeks ago
- Malware Samples that could be used for teaching students about malware analysis.�☆53Updated 11 months ago
- Detection Engineering with YARA☆87Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated last year
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆98Updated last year
- Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.☆45Updated 2 years ago
- Harness the power of Splunk for your investigations☆94Updated last week
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆30Updated 3 years ago
- Volatility Symbol Generator for Linux Kernels☆33Updated last year
- Reads and prints information from the website MalAPI.io☆19Updated 2 years ago
- JPCERT/CC public YARA rules repository☆106Updated 3 months ago
- Windows symbol tables for Volatility 3☆81Updated 8 months ago
- Malware Analysis Exercise Samples and Resources☆40Updated 4 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated last year
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆58Updated 2 years ago
- Remote access and Antivirus Logging Database☆42Updated 10 months ago
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆59Updated 4 months ago