google / GiftStickLinks
1-Click push forensics evidence to the cloud
☆141Updated last month
Alternatives and similar repositories for GiftStick
Users that are interested in GiftStick are comparing it to the libraries listed below
Sorting:
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆110Updated 7 years ago
- Tools to assist in forensicating docker☆84Updated 7 months ago
- Automatically create YARA rules from malicious documents.☆212Updated 3 years ago
- A modern Python-3-based alternative to RegRipper☆197Updated 6 months ago
- stoQ Public Plugins☆71Updated 2 years ago
- Invoke-LiveResponse☆149Updated 3 years ago
- A rewrite of mactime, a bodyfile reader☆40Updated last year
- Tools for the Computer Incident Response Team☆146Updated 8 years ago
- InvestigationPlaybookSpec☆72Updated 8 years ago
- Checks with NSRL RDS servers looking for for hash matches☆114Updated 4 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated last month
- automate your MISP installs☆68Updated 5 years ago
- Different DFIR and CTI utilities☆37Updated 5 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆340Updated 3 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- A collection of typical false positive indicators☆55Updated 4 years ago
- Security Monitoring Resolution Categories☆138Updated 3 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆179Updated 4 years ago
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆67Updated 5 years ago
- Salt States for Configuring the SIFT Workstation☆107Updated last week
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆136Updated 3 years ago
- All the IOC's I have gathered which are used directly involved coronavirus / covid-19 / SARS-CoV-2 cyber attack campaigns☆65Updated 4 years ago
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- Threat Feed Aggregation, Made Easy☆168Updated 5 years ago
- pollen - A command-line tool for interacting with TheHive☆36Updated 6 years ago
- Recon Hunt Queries☆78Updated 4 years ago
- To parse ugly Microsoft DNS Logs....☆41Updated 7 years ago
- Extract indicators of compromise from text, including "escaped" ones.☆162Updated 5 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Volatility plugins created by the author☆44Updated 10 years ago