google / docker-explorer
A tool to help forensicate offline docker acquisitions
☆540 · Updated 6 months ago
Alternatives and similar repositories for docker-explorer:
Users that are interested in docker-explorer are comparing it to the libraries listed below
- (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…☆633Updated last year
- A repository for using osquery for incident detection and response☆844Updated 2 years ago
- Automation and Scaling of Digital Forensics Tools☆764Updated last month
- an osquery fleet manager☆618Updated 2 years ago
- Python library to carry out DFIR analysis on the Cloud☆476Updated 3 weeks ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆788Updated 4 years ago
- Real-time, container-based file scanning at enterprise scale☆920Updated last week
- A framework for orchestrating forensic collection, processing and data export☆310Updated 2 weeks ago
- Remote Memory Acquisition Tool☆245Updated 4 years ago
- Python installable command line utility for mitigation of host and key compromises.☆346Updated 3 years ago
- FAME Automates Malware Evaluation☆892Updated last week
- AutoMacTC: Automated Mac Forensic Triage Collector☆538Updated 3 years ago
- DFIRTrack - The Incident Response Tracking Application☆498Updated 7 months ago
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,288Updated 2 years ago
- Fast and efficient osquery management☆438Updated last week
- Online hash checker for Virustotal and other services☆824Updated last month
- osquery extensions by Trail of Bits☆264Updated 2 years ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆253Updated 5 months ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆330Updated last year
- Production-ready detection & response queries for osquery☆562Updated last week
- Mapping the MITRE ATT&CK Matrix with Osquery☆793Updated last year
- DFIQ is a collection of investigative questions and the approaches for answering them☆277Updated 3 months ago
- An information security preparedness tool to do adversarial simulation.☆1,121Updated 6 years ago
- AVML - Acquire Volatile Memory for Linux☆938Updated last week
- Yara integrated software to handle archive file data.☆306Updated 2 years ago
- Modular file scanning/analysis framework☆619Updated 5 years ago
- Yet Another Yara Automaton - Automatically curate open source yara rules and run scans☆278Updated last year
- A flexible control server for osquery fleets☆1,105Updated 4 years ago
- A production-friendly malware scanner for your AWS cloud☆199Updated 3 years ago
- CyLR - Live Response Collection Tool☆674Updated 2 years ago