dfrws / dfrws2023-challenge
The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically focusing on programmable logic controllers (PLC). This challenge aims to provide deeper insights into ICS network traffic analysis and device memory in a real-world scenario.
☆40 · Updated 4 months ago
Related projects:
- Rules Shared by the Community from 100 Days of YARA 2023 · ☆76 · Updated last year
- A zero dependency and customizable Python library for scanning Windows and Linux process memory. · ☆61 · Updated 7 months ago
- Collection of Volatility3 symbols, generated against Linux and macOS kernels. · ☆53 · Updated this week
- Harness the power of Splunk for your investigations · ☆66 · Updated last month
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework. · ☆94 · Updated last year
- Rules shared by the community from 100 Days of YARA 2024 · ☆75 · Updated 5 months ago
- A specification and style guide for YARA rules · ☆34 · Updated 7 months ago
- Contains compiled binaries of Volatility · ☆28 · Updated 2 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) · ☆67 · Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… · ☆49 · Updated 3 months ago
- Detection Engineering with YARA · ☆84 · Updated 8 months ago
- C2 Active Scanner · ☆45 · Updated 3 months ago
- Parses USB connection artifacts from offline Registry hives · ☆50 · Updated last week
- Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework. · ☆45 · Updated 2 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos… · ☆29 · Updated 2 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… · ☆69 · Updated this week
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o… · ☆71 · Updated this week
- Statistical learning algorithm for building a model of the command lines found in "Process Creation" events, … · ☆78 · Updated 6 months ago
- JPCERT/CC public YARA rules repository · ☆98 · Updated 2 months ago
- A tool to use novel locations to extract metadata from Office documents. · ☆59 · Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub · ☆62 · Updated last year
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… · ☆26 · Updated last month
- Linux Baseline and Forensic Triage Tool - BETA · ☆51 · Updated 2 years ago
- BlackBerry Threat Research & Intelligence · ☆90 · Updated 10 months ago
- Resources for DFIR. And more. · ☆11 · Updated 2 months ago
- Jupyter Notebooks for Digital Forensics & Incident Response · ☆10 · Updated 2 years ago
- Volatility, on Docker 🐳 · ☆23 · Updated 2 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… · ☆108 · Updated 5 months ago