kost / docker-siftLinks
Docker container of SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3
☆11Updated 8 years ago
Alternatives and similar repositories for docker-sift
Users that are interested in docker-sift are comparing it to the libraries listed below
Sorting:
- bro on debian with elasticsearch support☆24Updated 8 years ago
- Modular tool to test exfiltration techniques.☆37Updated 8 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆42Updated 4 years ago
- Queries to parse sysmon event log file with microsoft logparser☆56Updated 10 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- Fast incident overview☆40Updated 8 years ago
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆18Updated 11 years ago
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 8 months ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 9 years ago
- pollen - A command-line tool for interacting with TheHive☆35Updated 6 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Updated 7 years ago
- Various tools and scripts☆43Updated 2 years ago
- Detect malicious domain, Blablablablabla☆26Updated 8 years ago
- Build Automated Machine Images for MISP☆28Updated 2 years ago
- Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model☆12Updated 4 years ago
- cuckoo-1.1 fork with suricata/moloch/clamav and other goodies☆23Updated 10 years ago
- Web based analysis platform for use with the AWS_IR command line tool.☆17Updated 8 years ago
- Ansible playbook to install Malware Information Sharing Platform (MISP)☆17Updated 10 years ago
- ☆16Updated 4 years ago
- ☆24Updated 5 years ago
- ☆16Updated 10 years ago
- ☆13Updated 7 years ago
- This is a framework written in EnScript to utilize the network capabilities of EnCase. The purpose is to allow for someone to build a qui…☆13Updated 10 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Updated 8 years ago
- Cli interface to threatcrowd.org☆19Updated 7 years ago
- Incident Response Scripts☆30Updated 5 years ago
- Logged PS Remote Command Wrapper for Blue Team Forensics/IR☆11Updated 7 years ago
- This repository contains free Hybrid Analysis contributions to the IT-Security community☆27Updated 4 years ago
- ☆32Updated 7 months ago
- Build your own threat hunting maturity model☆11Updated 7 years ago