kk0m4k / docker-forensics
☆23 · Updated 5 years ago
Alternatives and similar repositories for docker-forensics
Users interested in docker-forensics are comparing it to the repositories listed below.
- Providing timelines based on OSINT Reports ☆32 · Updated last year
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting. ☆56 · Updated 3 years ago
- Pocket guide for core threat hunting concepts ☆23 · Updated 5 years ago
- OSSEM Modular ☆27 · Updated 4 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic… ☆56 · Updated 7 years ago
- Projects for AWS ThreatHunting ☆21 · Updated 3 years ago
- Use DNS to hunt for threats including DGAs ☆15 · Updated 9 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis ☆43 · Updated 6 years ago
- Sandbox feature upgrade with the help of wrapped samples ☆76 · Updated 6 years ago
- A YARA Rule Performance Measurement Tool ☆59 · Updated last year
- Malware similarity platform with modularity in mind. ☆78 · Updated 3 years ago
- A collection of typical false positive indicators ☆55 · Updated 4 years ago
- Site for IWS book content ☆18 · Updated 6 years ago
- Presentation materials for talks I've given. ☆20 · Updated 5 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack ☆16 · Updated 4 years ago
- pollen - A command-line tool for interacting with TheHive ☆35 · Updated 6 years ago
- Slides and Other Resources from my latest Talks and Presentations ☆24 · Updated 4 years ago
- Collection of YARA signatures from individual research ☆44 · Updated last year
- A script to assist in processing forensic RAM captures for malware triage ☆27 · Updated 4 years ago
- Modular command-line threat hunting tool & framework. ☆17 · Updated 4 years ago
- A collection of infosec related scripts and information. ☆53 · Updated 8 months ago
- PowerShell collection designed to assist in Threat Hunting Windows systems. ☆27 · Updated 7 years ago
- MITRE ATT&CK Technique Emulation ☆82 · Updated 6 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks ☆25 · Updated 4 years ago
- No-Script Automation Tool ☆56 · Updated 6 years ago
- Links to malware-related YARA rules ☆15 · Updated 2 years ago
- Hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripting languages such as PowerShell, VBA and JavaScript. Curre… ☆40 · Updated 5 years ago
- Repository with sample threat hunting notebooks on Security Event Log data sources ☆63 · Updated 2 years ago
- Repository for scripts and tips for "Yara Scan Service" ☆20 · Updated 2 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. ☆32 · Updated 5 years ago