nccgroup / ImpossibleTravelLogAnalysisLinks
Basic log analysis tool to detect impossible travel via IP address geographic information
☆20Updated 6 years ago
Alternatives and similar repositories for ImpossibleTravelLogAnalysis
Users that are interested in ImpossibleTravelLogAnalysis are comparing it to the libraries listed below
Sorting:
- Small scripts and POCs related to digital forensics☆17Updated 2 years ago
- A Passive DNS backend and collector☆31Updated 2 years ago
- CIRCL system forensic tools or a jumble of tools to support forensic☆42Updated 2 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆42Updated 4 years ago
- ☆11Updated 6 years ago
- Virustotal Data to Timesketch☆17Updated 6 years ago
- An active domain name query tool to help keep track of domain name movements...☆15Updated 4 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆26Updated 7 years ago
- Python bindings for Yeti's API☆18Updated last year
- The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent☆12Updated 8 years ago
- PowerShell Memory Pulling script☆19Updated 10 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warningslists☆14Updated 7 years ago
- Collect hashes password hashes for cracking☆31Updated 11 years ago
- (Unofficial) Python API for https://sslbl.abuse.ch/☆11Updated 8 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 7 months ago
- DocBleachShell is the integration of the great DocBleach, https://github.com/docbleach/DocBleach Content Disarm and Reconstruction tool i…☆21Updated 3 years ago
- FastIR Agent is a Windows service to execute FastIR Collector on demand☆14Updated 8 years ago
- Collection of single use scripts I worte for windows forensics☆27Updated 13 years ago
- This repository is a curated list of pro bono incident response entities.☆20Updated last year
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- This module installs and configures MISP (Malware Information Sharing Platform)☆13Updated last week
- Home to the ActorTrackr source code☆24Updated 7 years ago
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆23Updated last year
- Repository of Information sharing on threats and indicators☆12Updated 5 years ago
- Yara Scanner For IMAP Feeds and saved Streams☆28Updated 5 years ago
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆30Updated 8 years ago
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 7 months ago
- This repository contains free Hybrid Analysis contributions to the IT-Security community☆27Updated 4 years ago
- Performs OCR on image files and scans them for matches to YARA rules☆41Updated 6 years ago
- DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS).☆16Updated 5 years ago