log2timeline / dftimewolfLinks
A framework for orchestrating forensic collection, processing and data export
☆328Updated last week
Alternatives and similar repositories for dftimewolf
Users that are interested in dftimewolf are comparing it to the libraries listed below
Sorting:
- User guide of MISP☆278Updated 9 months ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆340Updated 3 years ago
- DFIRTrack - The Incident Response Tracking Application☆523Updated last year
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆502Updated 3 years ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆294Updated 5 months ago
- Documentation of Cortex☆174Updated 2 years ago
- ☆221Updated last year
- A curated list of awesome things related to TheHive & Cortex☆182Updated 4 years ago
- ☆175Updated last year
- Cortex Analyzers Repository☆468Updated 2 weeks ago
- Python API Client for TheHive☆232Updated 3 weeks ago
- MISP trainings, threat intel and information sharing training materials with source code☆419Updated 4 months ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆235Updated 6 months ago
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆357Updated last week
- A (nearly) production ready Dockered MISP☆231Updated last year
- This is a repository for freq.py and freq_server.py☆211Updated 5 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆249Updated 4 years ago
- CASCADE Server☆272Updated 2 years ago
- MISP Docker (XME edition)☆283Updated last year
- SIEGMA - Transform Sigma rules into SIEM consumables☆156Updated 7 months ago
- Collecting & Hunting for IOCs with gusto and style☆241Updated 4 years ago
- Dump of organized knowledge on DFIR☆135Updated 4 years ago
- A Splunk app to use MISP in background☆111Updated last month
- Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.☆284Updated last week
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python☆117Updated last year
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆128Updated 2 years ago
- ☆132Updated 4 years ago
- CyLR - Live Response Collection Tool☆692Updated 3 years ago
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆204Updated 5 years ago
- ATT&CK Remote Threat Hunting Incident Response☆204Updated 10 months ago