orlikoski / SkadiLinks
Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
☆502Updated 3 years ago
Alternatives and similar repositories for Skadi
Users that are interested in Skadi are comparing it to the libraries listed below
Sorting:
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆340Updated 3 years ago
- Documentation of TheHive☆400Updated 2 years ago
- User guide of MISP☆278Updated 9 months ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆249Updated 4 years ago
- CLI tool to manage a SIFT Install☆419Updated 2 years ago
- Documentation of Cortex☆174Updated 2 years ago
- CyLR - Live Response Collection Tool☆692Updated 3 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆128Updated 2 years ago
- CASCADE Server☆272Updated 2 years ago
- SIFT☆519Updated last year
- A framework for orchestrating forensic collection, processing and data export☆328Updated last week
- An open source framework for enterprise level automated analysis.☆396Updated 3 years ago
- ☆221Updated last year
- ☆201Updated 3 years ago
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries☆456Updated 3 years ago
- DFIRTrack - The Incident Response Tracking Application☆523Updated last year
- Python API Client for TheHive☆232Updated 3 weeks ago
- Scripts and code referenced in CrowdStrike blog posts☆335Updated 5 years ago
- DPS' Lightweight Investigation Notebook☆432Updated last year
- Powershell Threat Hunting Module☆285Updated 9 years ago
- Evolving directions on building the best Open Source Forensics VM☆161Updated 7 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆351Updated 4 years ago
- 16,432 Free Yara rules created by☆389Updated 6 years ago
- MITRE ATT&CK Windows Logging Cheat Sheets☆345Updated 6 years ago
- ☆175Updated last year
- Threat Feed Aggregation, Made Easy☆168Updated 5 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆210Updated 5 years ago
- Collecting & Hunting for IOCs with gusto and style☆241Updated 4 years ago
- Main Build directory☆179Updated 6 years ago
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆289Updated 7 years ago