log2timeline / dftimewolfLinks
A framework for orchestrating forensic collection, processing and data export
☆315Updated last week
Alternatives and similar repositories for dftimewolf
Users that are interested in dftimewolf are comparing it to the libraries listed below
Sorting:
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆501Updated 2 years ago
- DFIRTrack - The Incident Response Tracking Application☆498Updated 8 months ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆337Updated 2 years ago
- User guide of MISP☆268Updated 5 months ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆216Updated 2 months ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆288Updated 3 weeks ago
- Collecting & Hunting for IOCs with gusto and style☆238Updated 3 years ago
- Dump of organized knowledge on DFIR☆134Updated 3 years ago
- ATT&CK Remote Threat Hunting Incident Response☆200Updated 5 months ago
- ☆173Updated 11 months ago
- A curated list of awesome things related to TheHive & Cortex☆179Updated 3 years ago
- CyLR - Live Response Collection Tool☆680Updated 3 years ago
- Documentation of Cortex☆174Updated last year
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆320Updated 3 months ago
- MISP trainings, threat intel and information sharing training materials with source code☆408Updated last week
- ☆276Updated 2 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆204Updated 3 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆246Updated 3 years ago
- Salt States for Configuring the SIFT Workstation☆103Updated 2 weeks ago
- Sigma rules from Joe Security☆214Updated 6 months ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆352Updated 4 years ago
- Live forensic artifacts collector☆166Updated 10 months ago
- Automation and Scaling of Digital Forensics Tools☆765Updated 2 weeks ago
- Security Monitoring Resolution Categories☆138Updated 3 years ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆541Updated 3 years ago
- Automated Use Case Testing☆167Updated 7 years ago
- ☆216Updated last year
- Tool to extract indicators of compromise from security reports in PDF format☆435Updated 2 years ago
- A knowledge base of actionable Incident Response techniques☆637Updated 3 years ago
- ☆302Updated 4 years ago