dogoncouch / logdissect
CLI utility and Python module for analyzing log files and other data.
☆146Updated last month
Related projects: ⓘ
- An open source framework for enterprise level automated analysis.☆393Updated 2 years ago
- Please use https://github.com/veeral-patel/true-positive instead☆65Updated last year
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆255Updated last year
- A tool designed for consistent and safe capture of off network web resources.☆35Updated 7 years ago
- A modular Python application to pull intelligence about malicious files☆117Updated 3 years ago
- File Scanning Framework☆285Updated 3 years ago
- A Python library to help with some common threat hunting data analysis operations☆138Updated last year
- 1-Click push forensics evidence to the cloud☆137Updated 2 months ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆175Updated 3 years ago
- Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers☆90Updated 6 years ago
- A collection of notebooks built for defensive and offensive operations.☆76Updated 3 years ago
- ArcSight's Common Event Format library☆36Updated 10 months ago
- Threat Feed Aggregation, Made Easy☆166Updated 4 years ago
- Python3 library and command line for GreyNoise☆149Updated this week
- A live dashboard for a real-time overview of threat intelligence from MISP instances☆192Updated last year
- GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.☆195Updated last month
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆234Updated 3 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆332Updated 2 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆181Updated last year
- Command line utility and Python package to ease the (un)mounting of forensic disk images☆116Updated last year
- DomainTools Official Python API☆79Updated this week
- stoQ Public Plugins☆71Updated last year
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆139Updated last year
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆104Updated 8 months ago
- A collection of static files maintained by the Sublime team, primarily used for phishing defense.☆84Updated last week
- ☆139Updated this week
- Multithreaded threat Intelligence gathering built with Python3☆168Updated 6 years ago
- Evolving directions on building the best Open Source Forensics VM☆160Updated 6 years ago
- This repo contains all of my OS hardening scripts☆68Updated 6 years ago
- Qualys API connector.☆103Updated last month