Alternatives and similar repositories for Linux-Baseline-and-Forensic-Triage-Tool

Users that are interested in Linux-Baseline-and-Forensic-Triage-Tool are comparing it to the libraries listed below

• dhondta / AppmemDumper

  View on GitHub
  Forensics triage tool relying on Volatility and Foremost
  ☆25Dec 3, 2023Updated 2 years ago
• LincolnLandForensics / HodgePodge

  View on GitHub
  /ˈhäjˌpäj/ "a confused mixture."
  ☆13Updated this week
• ydkhatri / jarp

  View on GitHub
  Just Another broken Registry Parser (JARP)
  ☆16May 23, 2024Updated last year
• Maboalenen / DFIR

  View on GitHub
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆45Jan 2, 2022Updated 4 years ago
• Intrinsec / mplog_parser

  View on GitHub
  This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.
  ☆21Sep 30, 2022Updated 3 years ago
• LETHAL-FORENSICS / Collect-MemoryDump

  View on GitHub
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆252Oct 29, 2025Updated 3 months ago
• jstnk9 / ETW-Almulahaza

  View on GitHub
  ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system
  ☆13Jun 24, 2022Updated 3 years ago
• WesSec / VelociDeploy-o-Matic

  View on GitHub
  Scripts to for ready-to-use Velociraptor instance deployment in Azure
  ☆14Jun 27, 2023Updated 2 years ago
• CrowdStrike / SuperMem

  View on GitHub
  A python script developed to process Windows memory images based on triage type.
  ☆264Nov 25, 2023Updated 2 years ago
• ufrisk / MemProcFS-plugins

  View on GitHub
  ☆62Oct 12, 2024Updated last year
• mnrkbys / ma2tl

  View on GitHub
  macOS forensic timeline generator using the analysis result DBs of mac_apt
  ☆93Sep 7, 2023Updated 2 years ago
• abrignoni / RLEAPP

  View on GitHub
  Returns Logs Events And Properties Parser
  ☆125Dec 24, 2025Updated last month
• stuxnet999 / EventTranscriptParser

  View on GitHub
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Sep 13, 2023Updated 2 years ago
• abrignoni / WLEAPP

  View on GitHub
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆33Nov 16, 2023Updated 2 years ago
• Digital-Forensics-Discord-Server / GitHubLearningPlayground

  View on GitHub
  Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h…
  ☆14Jun 21, 2024Updated last year
• sandmaxprime / VagrantMalwareWin10VM

  View on GitHub
  Vagrant Files to create a Virtualbox VM for Malware Analysis
  ☆13Jun 1, 2021Updated 4 years ago
• blueteam0ps / memOptix

  View on GitHub
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆97May 28, 2023Updated 2 years ago
• HuskyHacks / blue-jupyter

  View on GitHub
  Jupyter Notebooks for the Blue Team
  ☆39Jan 16, 2025Updated last year
• op7ic / Cloud-Investigate

  View on GitHub
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆40Mar 25, 2024Updated last year
• bluecapesecurity / PWF

  View on GitHub
  Practical Windows Forensics Training
  ☆740Updated this week
• mr-r3b00t / parse_win_log

  View on GitHub
  ☆14Aug 21, 2022Updated 3 years ago
• kacos2000 / Prefetch-Browser

  View on GitHub
  Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
  ☆64Dec 18, 2024Updated last year
• zerber0s / mac_int

  View on GitHub
  macOS Artifact Intelligence Tool
  ☆13Apr 30, 2019Updated 6 years ago
• AndrewRathbun / ForensicImageKAPEOutput

  View on GitHub
  A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!
  ☆17Aug 31, 2024Updated last year
• keydet89 / Events-Ripper

  View on GitHub
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆89Feb 9, 2025Updated last year
• rshipp / ir-triage-toolkit

  View on GitHub
  Create an incident response triage toolkit for use with Windows or Linux.
  ☆18Jun 14, 2020Updated 5 years ago
• theaj42 / presentations

  View on GitHub
  ☆17Jan 21, 2026Updated 3 weeks ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆643Jun 19, 2024Updated last year
• chocolatecoat / DFIR-Templates

  View on GitHub
  Incident Response documents and tooling
  ☆111Dec 23, 2025Updated last month
• JamesHabben / 4n6-app-finder

  View on GitHub
  Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps.
  ☆19Apr 30, 2025Updated 9 months ago
• codeyourweb / fastfinder

  View on GitHub
  Incident Response - Fast suspicious file finder
  ☆249Jan 24, 2026Updated 3 weeks ago
• Purp1eW0lf / quickforensics

  View on GitHub
  ☆33Dec 4, 2022Updated 3 years ago
• memprocfshunt / MemProcFSHunter

  View on GitHub
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆45May 12, 2021Updated 4 years ago
• evild3ad / Get-MiniTimeline

  View on GitHub
  Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE
  ☆32May 25, 2024Updated last year
• kacos2000 / Win10LiveInfo

  View on GitHub
  Windows 10 Live Information viewer
  ☆37Jan 27, 2022Updated 4 years ago
• ashemery / WindowsDFIR

  View on GitHub
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆77Jul 13, 2021Updated 4 years ago
• weslambert / velocistack

  View on GitHub
  ☆54May 14, 2024Updated last year
• ashemery / LinuxForensics

  View on GitHub
  Everything related to Linux Forensics
  ☆719Jul 13, 2023Updated 2 years ago
• EZToolsManuals / EZToolsManuals

  View on GitHub
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆89Aug 12, 2025Updated 6 months ago