google / docker-explorer
A tool to help forensicate offline docker acquisitions
☆544 Updated 8 months ago
Alternatives and similar repositories for docker-explorer
Users that are interested in docker-explorer are comparing it to the libraries listed below
- (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)… ☆634 Updated last year
- A Linux Auditd rule set mapped to MITRE's Attack Framework ☆793 Updated 4 years ago
- Automation and Scaling of Digital Forensics Tools ☆767 Updated 2 weeks ago
- A repository for using osquery for incident detection and response ☆850 Updated 2 years ago
- A framework for orchestrating forensic collection, processing and data export ☆319 Updated this week
- Python library to carry out DFIR analysis on the Cloud ☆481 Updated 2 weeks ago
- Python installable command line utility for mitigation of host and key compromises. ☆345 Updated 3 years ago
- an osquery fleet manager ☆618 Updated 2 years ago
- Remote Memory Acquisition Tool ☆246 Updated 4 years ago
- HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints… ☆541 Updated last month
- Real-time, container-based file scanning at enterprise scale ☆925 Updated 2 weeks ago
- AutoMacTC: Automated Mac Forensic Triage Collector ☆541 Updated 3 years ago
- Modular file scanning/analysis framework ☆618 Updated 5 years ago
- osquery extensions by Trail of Bits ☆264 Updated 2 years ago
- DFIRTrack - The Incident Response Tracking Application ☆499 Updated 9 months ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux ☆499 Updated 2 years ago
- An information security preparedness tool to do adversarial simulation. ☆1,123 Updated 6 years ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par… ☆253 Updated 6 months ago
- Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints. ☆314 Updated 2 months ago
- Python-based utility that uses supervised machine learning to detect phishing domains from the Certificate Transparency log network. ☆323 Updated 8 months ago
- Yet Another Yara Automaton - Automatically curate open source yara rules and run scans ☆282 Updated last year
- AVML - Acquire Volatile Memory for Linux ☆952 Updated this week
- k8s audit repo ☆228 Updated 5 years ago
- A production-friendly malware scanner for your AWS cloud ☆199 Updated 3 years ago
- 1-Click push forensics evidence to the cloud ☆141 Updated 11 months ago
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. ☆1,313 Updated 2 years ago
- Automated deployment scripts for the RockNSM network hunting distribution. ☆454 Updated last year
- Script for automating Linux memory capture and analysis ☆269 Updated 5 years ago
- Online hash checker for Virustotal and other services ☆825 Updated 2 months ago
- Example detection of compromised credentials in AWS ☆122 Updated 6 years ago