Alternatives and similar repositories for SANS-DFIR-2017

Users that are interested in SANS-DFIR-2017 are comparing it to the libraries listed below

• bostonlink / bitcoin-explorer
  Maltego local transform that parses the Bitcoin Blockchain (blockexplorer.com) and creates Maltego graphs based on bitcoin wallet address…
  ☆38Updated 10 years ago
• cmatthewbrooks / pyiocutils
  A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
  ☆17Updated 6 years ago
• jalewis / actortrackr
  Home to the ActorTrackr source code
  ☆29Updated 7 years ago
• brianwarehime / otx_transforms
  Transforms for the AlienVault OTX service
  ☆39Updated 8 years ago
• Concinnity-Risks / RansomCoinPublic
  A DFIR tool to extract cryptocoin addresses and other indicators of compromise from binaries.
  ☆56Updated last year
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 7 years ago
• markedoe / cuckoo-sandbox
  cuckoo sandbox patches and scripts
  ☆15Updated 11 years ago
• csirtgadgets / verbose-robot
  The Fastest way to consume Threat Intel
  ☆25Updated 3 years ago
• triw0lf / urlscan_scripts
  A bunch of scripts I use to work with urlscan.io
  ☆34Updated 5 years ago
• Concinnity-Risks / LogisticalBudget
  This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…
  ☆35Updated 6 years ago
• notx11 / urlScan2Hive
  Triage automation for suspect URLs
  ☆13Updated 5 years ago
• Neo23x0 / space-id
  Invisible Watermarks with Space Characters in ASCII Files
  ☆21Updated 6 years ago
• deadbits / Analyst-CaseFile
  Maltego CaseFile entities for information security investigations, malware analysis and incident response
  ☆65Updated 7 years ago
• wolfpack1 / intel_collection_tools
  ☆22Updated 7 years ago
• obsidianforensics / scripts
  Small scripts and POCs related to digital forensics
  ☆17Updated 2 years ago
• digital4rensics / Malformity
  Malformity is a Maltego project based on the Canari framework for malicious binary and infrastructure research.
  ☆115Updated 9 years ago
• alias454 / graylog-zeek-content-pack
  BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to captu…
  ☆19Updated 5 years ago
• mpars0ns / maltego_censys
  Basic Maltego Transforms for looking up SSL certs and IP info from censys.io
  ☆41Updated 8 years ago
• MISP / misp-vagrant
  Deploy MISP Project software with Vagrant.
  ☆43Updated 4 years ago
• xme / SANS-ISC
  Data related to the SANS Internet Storm Center
  ☆10Updated 6 years ago
• SudhanshuC / Maltego-Transforms
  Maltego Transforms, Machines and other extentions
  ☆44Updated 9 years ago
• yeti-platform / pyeti
  Python bindings for Yeti's API
  ☆18Updated last year
• daguy666 / Transit
  MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.
  ☆20Updated 5 years ago
• certtools / intelmq-feeds-documentation
  Cyber Threat Intelligence Feeds
  ☆67Updated last year
• opsdisk / dnmapR
  dnmap revised (dnmapR) is a modernized and enhanced version of dnmap
  ☆34Updated 6 years ago
• gcrahay / otx_misp
  Imports Alienvault OTX pulses to a MISP instance
  ☆52Updated 3 years ago
• anthonykasza / beginner_brogramming
  scripts to help beginners program in Bro
  ☆20Updated 11 years ago
• JWWeatherman / bitcoin_security_threat_model
  ☆75Updated 2 years ago
• i3visio / blockchain_c2c
  A Proof of Concept to show how blockchain can solve C2C persistence. PoC originally presented at EuskalHack Security Congress 2017, updat…
  ☆21Updated 7 years ago
• PrometheanInfoSec / honeybadger-red
  Honeybadger Red Edition
  ☆13Updated 7 years ago