orlikoski / SkadiLinks
Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
☆502Updated 2 years ago
Alternatives and similar repositories for Skadi
Users that are interested in Skadi are comparing it to the libraries listed below
Sorting:
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆340Updated 3 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆247Updated 4 years ago
- CLI tool to manage a SIFT Install☆419Updated 2 years ago
- Documentation of TheHive☆400Updated 2 years ago
- User guide of MISP☆274Updated 9 months ago
- Documentation of Cortex☆175Updated 2 years ago
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries☆455Updated 3 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆128Updated 2 years ago
- SIFT☆517Updated last year
- CASCADE Server☆272Updated 2 years ago
- DFIRTrack - The Incident Response Tracking Application☆522Updated last year
- ☆219Updated last year
- Scripts and code referenced in CrowdStrike blog posts☆335Updated 5 years ago
- ☆193Updated last year
- A framework for orchestrating forensic collection, processing and data export☆329Updated 3 weeks ago
- CyLR - Live Response Collection Tool☆687Updated 3 years ago
- DPS' Lightweight Investigation Notebook☆432Updated last year
- An open source framework for enterprise level automated analysis.☆395Updated 3 years ago
- ☆175Updated last year
- Python API Client for TheHive☆231Updated this week
- Evolving directions on building the best Open Source Forensics VM☆161Updated 7 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆351Updated 4 years ago
- Powershell Threat Hunting Module☆286Updated 9 years ago
- MITRE ATT&CK Windows Logging Cheat Sheets☆344Updated 6 years ago
- ☆201Updated 3 years ago
- Incident Response Hierarchy of Needs☆463Updated 2 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆209Updated 5 years ago
- Online hash checker for Virustotal and other services☆835Updated 6 months ago
- Carbon Black API - Python language bindings☆145Updated last year
- Threat Feed Aggregation, Made Easy☆168Updated 5 years ago