orlikoski / Skadi
Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
☆489Updated last year
Related projects:
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆332Updated 2 years ago
- DFIRTrack - The Incident Response Tracking Application☆479Updated 2 weeks ago
- A framework for orchestrating forensic collection, processing and data export☆290Updated last week
- CyLR - Live Response Collection Tool☆622Updated 2 years ago
- DPS' Lightweight Investigation Notebook☆421Updated 8 months ago
- User guide of MISP☆254Updated 11 months ago
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries☆437Updated 2 years ago
- Online hash checker for Virustotal and other services☆808Updated 4 months ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆234Updated 3 years ago
- Documentation of TheHive☆391Updated 11 months ago
- FAME Automates Malware Evaluation☆845Updated 2 weeks ago
- MISP trainings, threat intel and information sharing training materials with source code☆373Updated last week
- ☆1,048Updated 5 years ago
- Web App for Volatility framework☆378Updated last week
- A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework☆348Updated 3 years ago
- An open source framework for enterprise level automated analysis.☆393Updated 2 years ago
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆280Updated 6 years ago
- Evolving directions on building the best Open Source Forensics VM☆160Updated 6 years ago
- CLI tool to manage a SIFT Install☆417Updated last year
- 16,432 Free Yara rules created by☆378Updated 5 years ago
- SIFT☆484Updated 7 months ago
- Tool Analysis Result Sheet☆342Updated 6 years ago
- A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.☆593Updated 9 months ago
- A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.☆433Updated 3 months ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆712Updated 4 years ago
- ☆167Updated 2 months ago
- File Scanning Framework☆285Updated 3 years ago
- ☆375Updated this week
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆337Updated 2 weeks ago
- Incident Response Hierarchy of Needs☆435Updated last year