log2timeline / dftimewolf
A framework for orchestrating forensic collection, processing and data export
☆307Updated this week
Alternatives and similar repositories for dftimewolf:
Users that are interested in dftimewolf are comparing it to the libraries listed below
- DFIRTrack - The Incident Response Tracking Application☆492Updated 6 months ago
- User guide of MISP☆266Updated 2 months ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆336Updated 2 years ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆281Updated last month
- ☆171Updated 8 months ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆500Updated 2 years ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆207Updated 3 weeks ago
- Collecting & Hunting for IOCs with gusto and style☆237Updated 3 years ago
- A curated list of awesome things related to TheHive & Cortex☆177Updated 3 years ago
- Documentation of TheHive☆396Updated last year
- Documentation of Cortex☆174Updated last year
- Live forensic artifacts collector☆165Updated 8 months ago
- ATT&CK Remote Threat Hunting Incident Response☆200Updated 3 months ago
- CyLR - Live Response Collection Tool☆667Updated 2 years ago
- Python API Client for TheHive☆221Updated 2 weeks ago
- Sigma rules from Joe Security☆207Updated 4 months ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆241Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆149Updated last week
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆372Updated 2 years ago
- ☆213Updated last year
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆354Updated 2 weeks ago
- Cortex Analyzers Repository☆450Updated this week
- Salt States for Configuring the SIFT Workstation☆100Updated this week
- AutoMacTC: Automated Mac Forensic Triage Collector☆534Updated 2 years ago
- Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.☆270Updated 2 weeks ago
- Automated Use Case Testing☆167Updated 6 years ago
- MISP trainings, threat intel and information sharing training materials with source code☆403Updated last month
- CASCADE Server☆266Updated 2 years ago
- Repository of YARA rules made by Trellix ATR Team☆579Updated this week
- Security Monitoring Resolution Categories☆138Updated 3 years ago