Alternatives and similar repositories for dfrws2023-challenge

Users that are interested in dfrws2023-challenge are comparing it to the libraries listed below

• 100DaysofYARA / 2024
  Rules shared by the community from 100 Days of YARA 2024
  ☆86Updated 10 months ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆107Updated last year
• fboldewin / YARA_Detection_Engineering
  Detection Engineering with YARA
  ☆87Updated last year
• solomonsonya / Xavier_MemoryAnalysis_Framework
  Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.
  ☆45Updated 3 years ago
• blackberry / threat-research-and-intelligence
  BlackBerry Threat Research & Intelligence
  ☆99Updated 2 years ago
• Neo23x0 / YARA-Style-Guide
  A specification and style guide for YARA rules
  ☆60Updated last year
• dfir-scripts / siftgrab
  ☆68Updated 2 weeks ago
• SkillAegis / SkillAegis
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆33Updated 3 weeks ago
• dwmetz / MalChela
  A YARA & Malware Analysis Toolkit written in Rust.
  ☆56Updated last month
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆91Updated last year
• xophidia / DFIR_Linux_Collector
  The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…
  ☆32Updated 3 years ago
• JPCERTCC / jpcert-yara
  JPCERT/CC public YARA rules repository
  ☆110Updated this week
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆121Updated 2 years ago
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆49Updated 3 weeks ago
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆97Updated 2 years ago
• mnrkbys / fjta
  FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…
  ☆91Updated 2 weeks ago
• mitre / emu
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆34Updated last month
• archcloudlabs / BSidesRoc2022_Linux_Malware_Analysis_Course
  BSidesRoc 2022 Linux Malware/Forensics Course
  ☆77Updated 3 years ago
• opencybersecurityalliance / oca-iob
  Augmentation to Machine Readable CTI
  ☆37Updated 2 months ago
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆125Updated last year
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆112Updated last week
• korniko98 / pivot-atlas
  ☆99Updated 2 weeks ago
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆106Updated 7 months ago
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆115Updated 2 years ago
• alatif113 / mitre_attck_heatmap
  ☆18Updated 11 months ago
• volatilityfoundation / community3
  Volatility3 plugins developed and maintained by the community
  ☆60Updated 2 years ago
• center-for-threat-informed-defense / technique-inference-engine
  TIE is a machine learning model for inferring associated MITRE ATT&CK techniques from previously observed techniques.
  ☆61Updated 6 months ago
• mitre / training
  A CALDERA plugin
  ☆26Updated last week
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆66Updated last year