mnrkbys / ma2tl

Related projects ⓘ

Alternatives and complementary repositories for ma2tl

• mnrkbys / macosac
  Forensic Artifact Collection Tool for macOS
  ☆98Updated 2 months ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆75Updated 6 months ago
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆67Updated last year
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆49Updated 4 months ago
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆91Updated this week
• herosi / triage-collector
  ☆21Updated last month
• JPCERTCC / jpcert-yara
  JPCERT/CC public YARA rules repository
  ☆103Updated 5 months ago
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆49Updated last year
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆63Updated 9 months ago
• CyberCX-DFIR / usnjrnl_rewind
  USN Journal full path builder
  ☆36Updated 2 months ago
• abrignoni / WLEAPP
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆31Updated last year
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆64Updated last year
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆49Updated 6 months ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆94Updated 9 months ago
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆75Updated 2 weeks ago
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆56Updated last year
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆41Updated 6 months ago
• tap-ir / tapir
  TAPIR is a multi-user, client/server, incident response framework
  ☆44Updated 2 years ago
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆47Updated 3 years ago
• alwashali / detection-validation
  Detection rule validation
  ☆41Updated last year
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform
  ☆35Updated last week
• markmckinnon / cLeapp
  Chrome Logs Events and Protobuf Parser
  ☆34Updated last year
• theAtropos4n6 / Partition-4DiagnosticParser
  Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.
  ☆19Updated 11 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• elastic / labs-releases
  Elastic Security Labs releases
  ☆52Updated 3 weeks ago
• AmgdGocha / DriveFS-Sleuth
  DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…
  ☆74Updated last month
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆77Updated last week
• Digital-Forensics-Discord-Server / ArtifactParsers
  A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
  ☆51Updated last week