Alternatives and similar repositories for community:

Users that are interested in community are comparing it to the libraries listed below

• k3idii / ION
  Indicators of Normality
  ☆12Updated 2 years ago
• woanware / reg-entropy-scanner
  Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileles…
  ☆11Updated 6 years ago
• kacos2000 / Evtx_Log_Browser
  Evtx Log (xml) Browser
  ☆56Updated last year
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆30Updated 4 years ago
• Velocidex / SQLiteHunter
  Hunt for SQLite files used by various applications
  ☆10Updated last month
• AbdulRhmanAlfaifi / SDSParser-rs
  NTFS Security Descriptor Stream ($Secure:$SDS) parser
  ☆14Updated 2 years ago
• sumeshi / ntfsfind
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆24Updated 10 months ago
• nasbench / procmon-malware-analysis-filters
  Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
  ☆14Updated 4 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 4 years ago
• mandiant / pulsesecure_exploitation_countermeasures
  ☆23Updated last year
• ohjeongwook / WindowsEventTools
  Collection Of Scripts And Utilities For Windows Event Hunting
  ☆17Updated 4 years ago
• j91321 / MISP2memcached
  Load MISP events into memcached for log enrichment using logstash
  ☆12Updated 4 years ago
• imp0rtp3 / yara-rules
  Yara rules written by me, for free use.
  ☆18Updated 3 years ago
• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆17Updated 3 years ago
• ceramicskate0 / SWELF
  Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at ht…
  ☆24Updated last year
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆20Updated 2 years ago
• AndrewRathbun / VanillaWindowsRegistryHives
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆45Updated last year
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆22Updated 4 months ago
• Starke427 / Windows-Security-Policy
  Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.
  ☆11Updated 4 years ago
• woanware / etw-event-dumper
  ☆32Updated 2 years ago
• tokesr / usb_investigator
  ☆9Updated 5 years ago
• jsecurity101 / jsecurity101
  ☆14Updated 9 months ago
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆26Updated 2 years ago
• randomaccess3 / block-parser
  Parser for Windows PowerShell script block logs
  ☆13Updated 3 weeks ago
• SadProcessor / EzETW
  Cmdlets for capturing Windows Events
  ☆13Updated 2 years ago
• SentineLabs / log4j_response
  ☆15Updated 3 years ago
• SecurityRiskAdvisors / PDBlaster
  ☆47Updated 5 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago