dfrws / dfrws2023-challenge
The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically focusing on programmable logic controllers (PLC). This challenge aims to provide deeper insights into ICS network traffic analysis and device memory in a real-world scenario.
☆46 · Updated 11 months ago
Alternatives and similar repositories for dfrws2023-challenge:
Users interested in dfrws2023-challenge are comparing it to the repositories listed below.
- A specification and style guide for YARA rules (☆47 · Updated last year)
- Rules Shared by the Community from 100 Days of YARA 2023 (☆76 · Updated 2 years ago)
- Rules shared by the community from 100 Days of YARA 2024 (☆85 · Updated 3 months ago)
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates… (☆63 · Updated 2 weeks ago)
- Contains compiled binaries of Volatility (☆33 · Updated 2 months ago)
- Regexplore is a Volatility plugin designed to mimic the functionality of the Registry Explorer plugins in EZsuite (☆17 · Updated 2 years ago)
- Detection Engineering with YARA (☆87 · Updated last year)
- Malware samples that could be used for teaching students about malware analysis. (☆53 · Updated last year)
- ☆68 · Updated 4 months ago
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (☆95 · Updated last year)
- A zero-dependency and customizable Python library for scanning Windows and Linux process memory. (☆66 · Updated last year)
- Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework. (☆45 · Updated 2 years ago)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (☆33 · Updated 4 months ago)
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… (☆32 · Updated 8 months ago)
- macOS Artifacts (☆29 · Updated last month)
- The core backend server handling API requests and task management (☆38 · Updated last week)
- BlackBerry Threat Research & Intelligence (☆98 · Updated last year)
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in… (☆26 · Updated last month)
- Forensic Artifact Collection Tool Matrix (☆83 · Updated 5 months ago)
- CarbonBlack EDR detection rules and response actions (☆71 · Updated 7 months ago)
- Python-based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) (☆68 · Updated last year)
- 100 Days of YARA, to be updated with rules & ideas as the year progresses (☆59 · Updated 2 years ago)
- C2 Active Scanner (☆55 · Updated 9 months ago)
- Quick ESXi Log Parser (☆17 · Updated 3 months ago)
- Reads and prints information from the website MalAPI.io (☆19 · Updated 2 years ago)
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… (☆51 · Updated 4 months ago)
- Repository that contains a set of purposefully erroneous YARA rules. (☆51 · Updated last year)
- Harness the power of Splunk for your investigations (☆98 · Updated 2 weeks ago)
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! (☆82 · Updated last year)
- Linux Baseline and Forensic Triage Tool - BETA (☆54 · Updated 2 years ago)