Alternatives and similar repositories for MalChela

Users that are interested in MalChela are comparing it to the libraries listed below

• fboldewin / YARA_Detection_Engineering
  Detection Engineering with YARA
  ☆87Updated last year
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆49Updated 2 weeks ago
• dfir-scripts / siftgrab
  ☆68Updated this week
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Updated 2 years ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• mnrkbys / fjta
  FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…
  ☆91Updated last week
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆149Updated last year
• Neo23x0 / YARA-Style-Guide
  A specification and style guide for YARA rules
  ☆60Updated last year
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆97Updated 2 years ago
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆43Updated last year
• mnrkbys / ma2tl
  macOS forensic timeline generator using the analysis result DBs of mac_apt
  ☆95Updated 2 years ago
• strozfriedberg / QELP
  Quick ESXi Log Parser
  ☆28Updated 2 weeks ago
• cocopollo / HunterM
  macOS Artifacts
  ☆33Updated 8 months ago
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆60Updated last year
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆66Updated last year
• stuxnet999 / volatility-binaries
  Contains compiled binaries of Volatility
  ☆37Updated 5 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆125Updated last year
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆54Updated 11 months ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆73Updated 4 months ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool
  Linux Baseline and Forensic Triage Tool - BETA
  ☆57Updated 3 years ago
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆110Updated 3 weeks ago
• CyberCX-DFIR / usnjrnl_rewind
  USN Journal full path builder
  ☆62Updated last year
• alatif113 / mitre_attck_heatmap
  ☆18Updated 10 months ago
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆88Updated 8 months ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆107Updated last year
• openrelik / openrelik-deploy
  Tools and scripts to deploy and manage OpenRelik instances
  ☆15Updated 4 months ago
• lxndrblz / forensicsim
  A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea…
  ☆108Updated last week
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆152Updated 5 months ago
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆36Updated 9 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 4 months ago