Alternatives and similar repositories for logdissect:

Users that are interested in logdissect are comparing it to the libraries listed below

• kamushadenes / cefevent
  ArcSight's Common Event Format library
  ☆37Updated last year
• teamdfir / sift-saltstack
  Salt States for Configuring the SIFT Workstation
  ☆97Updated this week
• EmersonElectricCo / fsf
  File Scanning Framework
  ☆288Updated 3 years ago
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆261Updated last year
• keithjjones / fileintel
  A modular Python application to pull intelligence about malicious files
  ☆119Updated 4 years ago
• EmersonElectricCo / boomerang
  A tool designed for consistent and safe capture of off network web resources.
  ☆37Updated 7 years ago
• certsocietegenerale / event2timeline
  Simple Microsoft Windows sessions event logs visualization
  ☆151Updated 2 years ago
• assafmo / xioc
  Extract indicators of compromise from text, including "escaped" ones.
  ☆161Updated 4 years ago
• securityclippy / elasticintel
  Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
  ☆140Updated last year
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆183Updated last year
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated last year
• GreyNoise-Intelligence / pygreynoise
  Python3 library and command line for GreyNoise
  ☆151Updated 3 months ago
• IntegralDefense / ACE
  Analysis Correlation Engine
  ☆26Updated 5 years ago
• PUNCH-Cyber / stoq
  An open source framework for enterprise level automated analysis.
  ☆395Updated 2 years ago
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆77Updated 4 years ago
• google / GiftStick
  1-Click push forensics evidence to the cloud
  ☆140Updated 7 months ago
• PUNCH-Cyber / YaraGuardian
  Django web interface for managing Yara rules
  ☆190Updated 6 years ago
• Neo23x0 / evt2sigma
  Log Entry to Sigma Rule Converter
  ☆107Updated 2 years ago
• CityBaseInc / SIAC
  SIAC is an enterprise SIEM built on open-source technology.
  ☆113Updated 6 years ago
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆304Updated this week
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 5 years ago
• johestephan / CTI-Toolbox
  Cyber Threat Intelligence - Toolbox
  ☆50Updated 6 years ago
• ThreatHuntingProject / hunter
  A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
  ☆241Updated 3 years ago
• mvelazc0 / Oriana
  Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…
  ☆179Updated 3 years ago
• carbonblack / cbapi-python
  Carbon Black API - Python language bindings
  ☆146Updated 5 months ago
• orlikoski / CDQR
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆334Updated 2 years ago
• att / docker-forensics
  Tools to assist in forensicating docker
  ☆81Updated last month
• OMENScan / AChoir
  Windows Live Artifacts Acquisition Script
  ☆186Updated 2 years ago
• Soinull / assimilate
  Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
  ☆90Updated 7 years ago
• TheHive-Project / CortexDocs
  Documentation of Cortex
  ☆171Updated last year