Alternatives and similar repositories for kube-forensics

Users that are interested in kube-forensics are comparing it to the libraries listed below

• keikoproj / addon-manager

  View on GitHub
  Manage addons in a Kubernetes cluster
  ☆71Dec 9, 2025Updated 2 months ago
• keikoproj / governor

  View on GitHub
  A collection of cluster reliability tools for Kubernetes
  ☆130Dec 1, 2025Updated 2 months ago
• keikoproj / upgrade-manager

  View on GitHub
  Reliable, extensible rolling-upgrades of Autoscaling groups in Kubernetes
  ☆141Nov 21, 2025Updated 2 months ago
• keikoproj / minion-manager

  View on GitHub
  Intelligent use of Spot Instances in Kubernetes
  ☆129Jul 9, 2024Updated last year
• keikoproj / instance-manager

  View on GitHub
  A Kubernetes controller for creating and managing worker node instance groups across multiple providers
  ☆148Oct 1, 2025Updated 4 months ago
• keikoproj / active-monitor

  View on GitHub
  Provides deep monitoring and self-healing of Kubernetes clusters
  ☆182Jan 21, 2026Updated 3 weeks ago
• keikoproj / lifecycle-manager

  View on GitHub
  Graceful AWS scaling event on Kubernetes using lifecycle hooks
  ☆92Dec 1, 2025Updated 2 months ago
• keikoproj / keiko

  View on GitHub
  Enable Kubernetes at scale
  ☆275Feb 3, 2021Updated 5 years ago
• google / cloud-forensics-utils

  View on GitHub
  Python library to carry out DFIR analysis on the Cloud
  ☆499Oct 8, 2025Updated 4 months ago
• google / docker-explorer

  View on GitHub
  A tool to help forensicate offline docker acquisitions
  ☆552Oct 4, 2024Updated last year
• RandomRhythm / mal2csv

  View on GitHub
  Malformed Access Log to CSV - Convert Web Server Access Logs to CSV
  ☆18Sep 3, 2024Updated last year
• ThreatResponse / margaritashotgun

  View on GitHub
  Remote Memory Acquisition Tool
  ☆252Sep 22, 2020Updated 5 years ago
• AbdulRhmanAlfaifi / Rhaegal

  View on GitHub
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆42Sep 21, 2023Updated 2 years ago
• keikoproj / aws-auth

  View on GitHub
  Manage the aws-auth config map for EKS Kubernetes clusters
  ☆185Jan 1, 2026Updated last month
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• argoproj / argo-cd-ui

  View on GitHub
  ☆15Jul 26, 2019Updated 6 years ago
• cado-security / AWS_EKS_Cluster_Forensics

  View on GitHub
  AWS EKS Cluster Forensics
  ☆23Aug 16, 2021Updated 4 years ago
• intuit / foremast-brain

  View on GitHub
  Foremast-brain is a component of Foremast project.
  ☆17Feb 3, 2023Updated 3 years ago
• cyberark / kubesploit

  View on GitHub
  Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized en…
  ☆1,215Feb 3, 2025Updated last year
• Applatix / claudia

  View on GitHub
  ☆38Sep 4, 2020Updated 5 years ago
• sysdiglabs / ekscloudwatch

  View on GitHub
  Forward EKS CloudWatch k8s audit events to Sysdig secure
  ☆27Aug 14, 2023Updated 2 years ago
• invictus-ir / ALFA

  View on GitHub
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆173Jan 30, 2026Updated 2 weeks ago
• istio-ecosystem / admiral

  View on GitHub
  Admiral provides automatic configuration generation, syncing and service discovery for multicluster Istio service mesh
  ☆635Oct 15, 2025Updated 4 months ago
• jklepsercyber / defender-detectionhistory-parser

  View on GitHub
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆116Jan 26, 2022Updated 4 years ago
• dwmetz / Axiom-PowerShell

  View on GitHub
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆12Aug 26, 2024Updated last year
• docker-forensics-toolkit / toolkit

  View on GitHub
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆108Feb 18, 2024Updated last year
• StupidBird-Code / Malware_Analysize-Tools

  View on GitHub
  Here are some tools I developed to help analyze malware
  ☆11Nov 8, 2023Updated 2 years ago
• intuit / katlas

  View on GitHub
  A distributed graph-based platform to automatically collect, discover, explore and relate multi-cluster Kubernetes resources and metadata…
  ☆213Jul 8, 2023Updated 2 years ago
• jicowan / eniconfig-generator

  View on GitHub
  Generates VPC CIDRs and ENIConfigs for custom networking with EKS
  ☆13Mar 14, 2019Updated 6 years ago
• The-DFIR-Report / Suricata-Rules

  View on GitHub
  ☆11Jun 12, 2023Updated 2 years ago
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun

  View on GitHub
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆27Jul 27, 2022Updated 3 years ago
• mreferre / ekstender

  View on GitHub
  A tool to extend the capabilities of an EKS cluster
  ☆67Aug 11, 2020Updated 5 years ago
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,252Feb 6, 2026Updated last week
• ANSSI-FR / DFIR4vSphere

  View on GitHub
  Powershell module for VMWare vSphere forensics
  ☆158Nov 8, 2024Updated last year
• 00010111 / gMetaDataParse

  View on GitHub
  ☆24Mar 12, 2025Updated 11 months ago
• EricZimmerman / Issues

  View on GitHub
  This is a repository for reporting any issues in any of my software
  ☆13May 15, 2018Updated 7 years ago
• dfirlabs / ntfs-specimens

  View on GitHub
  NTFS file system specimens
  ☆13Jul 3, 2023Updated 2 years ago
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• argoproj-labs / community

  View on GitHub
  Community documents for argoproj-labs
  ☆14Jul 19, 2024Updated last year