forensicanalysis / artifactcollector
The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
★ 288 · Updated last month
Alternatives and similar repositories for artifactcollector
Users that are interested in artifactcollector are comparing it to the libraries listed below
- A Python script developed to process Windows memory images based on triage type. ★ 262 · Updated last year
- Rules generated from our investigations. ★ 195 · Updated this week
- Live forensic artifacts collector ★ 167 · Updated 11 months ago
- A framework for orchestrating forensic collection, processing and data export ★ 323 · Updated this week
- Collection of Event ID resources useful for Digital Forensics and Incident Response ★ 616 · Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations. ★ 318 · Updated last month
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ★ 720 · Updated 2 months ago
- The goal of this repo is to archive artifacts from all versions of various OSes and categorize them by type. This will help with artifa… ★ 597 · Updated 3 months ago
- A repository of DFIR-related Mind Maps geared towards the visual learners! ★ 526 · Updated 2 years ago
- A curated list of KAPE-related resources ★ 169 · Updated last month
- Automated YARA Rule Standardization and Quality Assurance Tool ★ 225 · Updated this week
- Sigma rules from Joe Security ★ 216 · Updated 7 months ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. ★ 183 · Updated this week
- Open Source Platform for storing, organizing, and searching documents related to cyber threats ★ 165 · Updated last year
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare … ★ 163 · Updated 6 months ago
- This script is made to collect the most valuable artifacts for forensics or incident response investigation rather than imaging the whole … ★ 202 · Updated 4 years ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container. ★ 104 · Updated this week
- Repository of attack and defensive information for Business Email Compromise investigations ★ 256 · Updated last month
- The Volatility Collaborative GUI ★ 246 · Updated last week
- Digital Forensics Artifacts Knowledge Base ★ 82 · Updated last year
- DFIRTrack - The Incident Response Tracking Application ★ 519 · Updated 9 months ago
- ★ 131 · Updated 3 weeks ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. ★ 577 · Updated 5 months ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactics and techniques ★ 369 · Updated 5 months ago
- Incident Response collection and processing scripts with automated reporting scripts ★ 303 · Updated 11 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. ★ 109 · Updated last year
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportu… ★ 214 · Updated 4 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm. ★ 203 · Updated 2 years ago
- Forensics Wiki, a wiki devoted to information about digital forensics (also known as computer forensics) ★ 278 · Updated 3 weeks ago
- #ThreatHunting #DFIR #Malware #Detection Mind Maps ★ 297 · Updated 3 years ago