Alternatives and similar repositories for DFIR-Resources

Users that are interested in DFIR-Resources are comparing it to the libraries listed below

• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆78Updated 4 years ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool
  Linux Baseline and Forensic Triage Tool - BETA
  ☆56Updated 2 years ago
• PacktPublishing / Incident-Response-with-Threat-Intelligence
  Incident Response with Threat Intelligence, published by Packt
  ☆51Updated last year
• dfircheatsheet / dfircheatsheet.github.io
  ☆66Updated 2 years ago
• fboldewin / YARA_Detection_Engineering
  Detection Engineering with YARA
  ☆87Updated last year
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆40Updated 7 months ago
• securityjoes / Crowdstrike-Deploy
  The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆24Updated 3 weeks ago
• curated-intel / MOVEit-Transfer
  A repository for tracking events related to the MOVEit Transfer Cl0p Campaign
  ☆71Updated 2 years ago
• archanchoudhury / Threat-Hunting
  This Repository gives the best and possible strategies against hunting the ransomware
  ☆26Updated 2 years ago
• stuxnet999 / volatility-binaries
  Contains compiled binaries of Volatility
  ☆34Updated 2 months ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆27Updated last year
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆96Updated 2 years ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆88Updated 2 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• HuskyHacks / blue-jupyter
  Jupyter Notebooks for the Blue Team
  ☆36Updated 6 months ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆104Updated last year
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆69Updated last year
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆77Updated last year
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform
  ☆41Updated 3 weeks ago
• svch0stz / velociraptor-detections
  ☆22Updated 2 years ago
• surya4n6 / dc29-btv-2021
  ☆15Updated 3 years ago
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆27Updated 2 years ago
• dfir-scripts / siftgrab
  ☆68Updated 7 months ago
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆118Updated 2 years ago
• DFIRmadness / infosec-fortress
  A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources t…
  ☆54Updated 3 years ago
• Cyb3r-Monk / Cheat-Sheets
  Cheat sheets for threat hunting, detection and other stuff.
  ☆34Updated 2 years ago
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆47Updated 3 months ago
• dwmetz / MalChela
  A YARA & Malware Analysis Toolkit written in Rust.
  ☆37Updated 2 weeks ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆64Updated 2 years ago
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆85Updated 5 months ago