dfrws / dfrws2023-challenge
The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically focusing on programmable logic controllers (PLCs). The challenge aims to provide deeper insight into ICS network traffic analysis and PLC device memory analysis in a real-world scenario.
☆44 · Updated 8 months ago
Alternatives and similar repositories for dfrws2023-challenge:
- Forensic Artifact Collection Tool Matrix (☆79 · Updated 2 months ago)
- Rules shared by the community from 100 Days of YARA 2024 (☆83 · Updated 2 weeks ago)
- Rules Shared by the Community from 100 Days of YARA 2023 (☆77 · Updated last year)
- A specification and style guide for YARA rules (☆43 · Updated 11 months ago)
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies (☆97 · Updated 11 months ago)
- Contains compiled binaries of Volatility (☆30 · Updated 3 months ago)
- Regexplore is a Volatility plugin designed to mimic the functionality of the Registry Explorer plugins in EZsuite (☆17 · Updated last year)
- Logbook for Digital Forensics and Incident Response (☆50 · Updated 6 months ago)
- Harness the power of Splunk for your investigations (☆83 · Updated last month)
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) (☆68 · Updated last year)
- Detection Engineering with YARA (☆85 · Updated last year)
- BlackBerry Threat Research & Intelligence (☆96 · Updated last year)
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework. (☆94 · Updated last year)
- A zero dependency and customizable Python library for scanning Windows and Linux process memory. (☆64 · Updated 11 months ago)
- BSidesRoc 2022 Linux Malware/Forensics Course (☆74 · Updated 2 years ago)
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… (☆31 · Updated 5 months ago)
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in… (☆22 · Updated last month)
- Malware Samples that could be used for teaching students about malware analysis. (☆51 · Updated 9 months ago)
- Python based CLI for MalwareBazaar (☆36 · Updated 2 months ago)
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos… (☆30 · Updated 2 years ago)
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o… (☆77 · Updated 3 weeks ago)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (☆30 · Updated last month)
- YARA rule analyzer to improve rule quality and performance (☆95 · Updated 3 weeks ago)
- The core backend server handling API requests and task management (☆33 · Updated 2 weeks ago)
- Volatility3 plugins developed and maintained by the community (☆49 · Updated last year)
- Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework. (☆45 · Updated 2 years ago)
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu… (☆50 · Updated last year)
- Dump quarantined files from Windows Defender (☆56 · Updated 2 years ago)