google / docker-explorer
A tool to help forensicate offline docker acquisitions
☆539Updated 5 months ago
Alternatives and similar repositories for docker-explorer:
Users that are interested in docker-explorer are comparing it to the libraries listed below
- A repository for using osquery for incident detection and response☆842Updated 2 years ago
- (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…☆633Updated last year
- Python library to carry out DFIR analysis on the Cloud☆474Updated 2 months ago
- Automation and Scaling of Digital Forensics Tools☆760Updated 3 weeks ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆787Updated 4 years ago
- A framework for orchestrating forensic collection, processing and data export☆307Updated last week
- Real-time, container-based file scanning at enterprise scale☆915Updated last week
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,287Updated 2 years ago
- Digital Forensics artifact repository☆1,095Updated 3 months ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆790Updated last year
- An information security preparedness tool to do adversarial simulation.☆1,118Updated 6 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆500Updated 2 years ago
- Online hash checker for Virustotal and other services☆822Updated last week
- Modular file scanning/analysis framework☆618Updated 5 years ago
- Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.☆303Updated 4 months ago
- AVML - Acquire Volatile Memory for Linux☆925Updated this week
- DFIRTrack - The Incident Response Tracking Application☆493Updated 6 months ago
- Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.☆704Updated this week
- Yet Another Yara Automaton - Automatically curate open source yara rules and run scans☆277Updated last year
- Production-ready detection & response queries for osquery☆558Updated last week
- an osquery fleet manager☆617Updated 2 years ago
- File Scanning Framework☆292Updated 3 years ago
- osquery extensions by Trail of Bits☆263Updated last year
- Repository of YARA rules made by Trellix ATR Team☆583Updated 2 weeks ago
- Cross-platform Yara scanner written in Go☆329Updated 2 years ago
- Distributed malware processing framework based on Python, Redis and S3.☆404Updated this week
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆336Updated 2 years ago
- Yara integrated software to handle archive file data.☆305Updated 2 years ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆253Updated 4 months ago
- IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.☆1,024Updated last week