forensicanalysis / artifactcollector
🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
★ 270 · Updated last month

Related projects
Alternatives and complementary repositories for artifactcollector
- A Python script developed to process Windows memory images based on triage type. ★ 258 · Updated 11 months ago
- Live forensic artifacts collector. ★ 160 · Updated 4 months ago
- Rules generated from our investigations. ★ 189 · Updated 3 weeks ago
- A curated list of KAPE-related resources. ★ 156 · Updated 6 months ago
- This script is made to collect the most valuable artifacts for forensics or incident response investigation rather than imaging the whole … ★ 193 · Updated 4 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations. ★ 270 · Updated 2 months ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorize them by type. This will help with artifa… ★ 555 · Updated last week
- Threat Hunting & Incident Investigation with Osquery. ★ 198 · Updated 2 years ago
- A framework for orchestrating forensic collection, processing and data export. ★ 296 · Updated this week
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies. ★ 94 · Updated 9 months ago
- An Excel-centric approach for the MITRE ATT&CK® Tactics and Techniques. ★ 181 · Updated 2 years ago
- Digital Forensics Artifacts Knowledge Base. ★ 75 · Updated 6 months ago
- The Volatility Collaborative GUI. ★ 227 · Updated this week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques. ★ 123 · Updated 8 months ago
- Repository of attack and defensive information for Business Email Compromise investigations. ★ 230 · Updated 2 months ago
- Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactics and techniques. ★ 308 · Updated 5 months ago
- OSSEM Detection Model. ★ 168 · Updated 2 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables. ★ 141 · Updated last year
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs. ★ 680 · Updated last week
- A repository of my own Sigma detection rules. ★ 156 · Updated 2 months ago
- Docker image for Velocidex Velociraptor. ★ 113 · Updated 4 months ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. ★ 528 · Updated 2 months ago
- Repository of public reference frameworks for the DFIR community. ★ 109 · Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm. ★ 194 · Updated 2 years ago
- Artifact collection tool for *nix systems. ★ 192 · Updated 8 months ago
- Resources To Learn And Understand SIGMA Rules. ★ 168 · Updated last year
- Sigma rules from Joe Security. ★ 203 · Updated 2 weeks ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams. ★ 182 · Updated this week