google / docker-explorer
A tool to help forensicate offline docker acquisitions
☆546 · Updated 8 months ago
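What "forensicating an offline Docker acquisition" means in practice is walking a mounted image's `/var/lib/docker` without a running daemon: enumerating containers from their on-disk metadata, working out which image layers each one was stacked on, and pulling out the container's own writable layer, which is where an intruder's changes live. The following is an added example written for this listing, not docker-explorer's own code; it relies only on the overlay2 driver's documented on-disk layout, and the miniature docker root it builds (container id, layer directory names `layerbase`/`layerapp`, short links `BASE00`/`APP000`, and the cron entry) is constructed here for demonstration.

```python
"""Reconstruct containers from an offline Docker root (a mounted image's
/var/lib/docker) using the overlay2 driver's on-disk layout.

Added example for this listing, not docker-explorer's own code. Paths used:
  containers/<cid>/config.v2.json                container metadata
  image/overlay2/layerdb/mounts/<cid>/mount-id   the container's overlay2 dir
  overlay2/<mount-id>/lower                      'l/<short>:l/<short>' chain
  overlay2/<mount-id>/diff                       the container's writable layer
  overlay2/l/<short> -> ../<layer-dir>/diff      short-name symlinks
"""
import json
import os
import tempfile


def _read(path):
    with open(path) as fh:
        return fh.read().strip()


def load_containers(docker_root):
    """Basic metadata for every container directory under the root."""
    cdir = os.path.join(docker_root, "containers")
    found = []
    for cid in sorted(os.listdir(cdir)):
        cfg_path = os.path.join(cdir, cid, "config.v2.json")
        if not os.path.isfile(cfg_path):
            continue
        with open(cfg_path) as fh:
            cfg = json.load(fh)
        mount_file = os.path.join(docker_root, "image", "overlay2", "layerdb",
                                  "mounts", cid, "mount-id")
        found.append({
            "id": cid,
            "name": cfg.get("Name", "").lstrip("/"),
            "image": cfg.get("Config", {}).get("Image"),
            "created": cfg.get("Created"),
            "mount_id": _read(mount_file) if os.path.isfile(mount_file) else None,
        })
    return found


def resolve_lower_layers(docker_root, mount_id):
    """Image layer directories under overlay2/, top-most first.

    Short links are resolved by reading the link text, not by following it,
    and any target that leaves overlay2/ is rejected: an acquisition you did
    not build yourself can carry symlinks pointing at the analyst's host."""
    ov = os.path.join(docker_root, "overlay2")
    lower_file = os.path.join(ov, mount_id, "lower")
    if not os.path.isfile(lower_file):
        return []
    layers = []
    for entry in _read(lower_file).split(":"):       # e.g. 'l/APP000'
        link = os.path.join(ov, entry)
        target = os.readlink(link)                      # '../<layer>/diff'
        real = os.path.normpath(os.path.join(os.path.dirname(link), target))
        rel = os.path.relpath(real, ov)
        if rel.startswith(".."):
            raise ValueError(f"{entry} escapes overlay2/: {target}")
        layers.append(rel.split(os.sep)[0])
    return layers


def list_upper_changes(docker_root, mount_id):
    """Files created or modified inside the container (its 'diff' directory).
    Deletions show up there as 0/0 character devices and are not listed."""
    upper = os.path.join(docker_root, "overlay2", mount_id, "diff")
    changed = []
    for dirpath, _dirs, files in os.walk(upper):
        for name in files:
            changed.append(os.path.relpath(os.path.join(dirpath, name), upper))
    return sorted(changed)


def build_sample_root():
    """Constructed miniature docker root (one container, two image layers)."""
    root = tempfile.mkdtemp(prefix="docker-root-")
    cid, mount_id = "a" * 64, "m" * 64
    cdir = os.path.join(root, "containers", cid)
    os.makedirs(cdir)
    with open(os.path.join(cdir, "config.v2.json"), "w") as fh:
        json.dump({"Name": "/web", "Created": "2024-01-02T03:04:05Z",
                   "Config": {"Image": "nginx:1.25"}}, fh)
    mdir = os.path.join(root, "image", "overlay2", "layerdb", "mounts", cid)
    os.makedirs(mdir)
    with open(os.path.join(mdir, "mount-id"), "w") as fh:
        fh.write(mount_id)
    ov = os.path.join(root, "overlay2")
    os.makedirs(os.path.join(ov, "l"))
    for layer, short in (("layerbase", "BASE00"), ("layerapp", "APP000")):
        os.makedirs(os.path.join(ov, layer, "diff"))
        os.symlink(f"../{layer}/diff", os.path.join(ov, "l", short))
    os.makedirs(os.path.join(ov, mount_id, "diff", "etc", "cron.d"))
    with open(os.path.join(ov, mount_id, "lower"), "w") as fh:
        fh.write("l/APP000:l/BASE00")                   # top-most layer first
    with open(os.path.join(ov, mount_id, "diff", "etc", "cron.d", "x"), "w") as fh:
        fh.write("* * * * * root /tmp/.x\n")            # constructed persistence artifact
    return root


if __name__ == "__main__":
    root = build_sample_root()
    for c in load_containers(root):
        print(f"{c['name']} ({c['id'][:12]}) image={c['image']} created={c['created']}")
        print("  image layers, top-most first:", resolve_lower_layers(root, c["mount_id"]))
        print("  written inside the container:", list_upper_changes(root, c["mount_id"]))
```

Point `build_sample_root()`'s replacement at the `docker` directory of a mounted disk image and the three functions work unchanged. The symlink handling is deliberate: a hostile acquisition can contain `overlay2/l/*` links to arbitrary host paths, so the example resolves them lexically and refuses anything outside `overlay2/` instead of letting `os.path.realpath` or a naive `open()` follow them on the analysis machine.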
Alternatives and similar repositories for docker-explorer
Users interested in docker-explorer are comparing it to the repositories listed below.
- (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…☆634 · Updated last year
- A repository for using osquery for incident detection and response☆855 · Updated 2 years ago
- Python library to carry out DFIR analysis on the Cloud☆481 · Updated last month
- A framework for orchestrating forensic collection, processing and data export☆324 · Updated last week
- A production-friendly malware scanner for your AWS cloud☆199 · Updated 3 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆499 · Updated 2 years ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆796 · Updated 4 years ago
- Remote Memory Acquisition Tool☆247 · Updated 4 years ago
- Real-time, container-based file scanning at enterprise scale☆932 · Updated last week
- Python installable command line utility for mitigation of host and key compromises.☆345 · Updated 3 years ago
- Automation and Scaling of Digital Forensics Tools☆768 · Updated 2 weeks ago
- DFIRTrack - The Incident Response Tracking Application☆520 · Updated 9 months ago
- osquery extensions by Trail of Bits☆265 · Updated 2 years ago
- An open source framework for enterprise level automated analysis.☆395 · Updated 3 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆796 · Updated 2 years ago
- an osquery fleet manager☆618 · Updated 2 years ago
- Production-ready detection & response queries for osquery☆574 · Updated last week
- AutoMacTC: Automated Mac Forensic Triage Collector☆541 · Updated 3 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆338 · Updated 3 years ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆254 · Updated 7 months ago
- Yet Another Yara Automaton - Automatically curate open source yara rules and run scans☆283 · Updated last year
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,320 · Updated 2 years ago
- A Python package to interact with the Mitre ATT&CK Framework☆476 · Updated last year
- AVML - Acquire Volatile Memory for Linux☆957 · Updated last week
- Cuckoo Sandbox Dockerfile☆329 · Updated 5 years ago
- Fast and efficient osquery management☆451 · Updated 3 weeks ago
- Yara integrated software to handle archive file data.☆313 · Updated 3 years ago
- CyLR - Live Response Collection Tool☆682 · Updated 3 years ago