☆47 · Feb 14, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for detections
Users who are interested in detections are comparing it to the libraries listed below.
- Effort to list and aggregate known malicious Google Chrome Extension IDs (☆61, Nov 26, 2022, updated 3 years ago)
- LILO based Pulse Secure appliance disk image decryptor (☆13, Mar 20, 2024, updated last year)
- Repository of attack and defensive information for Business Email Compromise investigations (☆275, May 10, 2025, updated 9 months ago)
- USN Journal full path builder (☆65, Sep 16, 2024, updated last year)
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files (☆21, Aug 3, 2024, updated last year)
- Google Filestream Forensic Tool (☆22, Mar 10, 2022, updated 3 years ago)
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… (☆23, Aug 7, 2024, updated last year)
- A repository to share publicly available Velociraptor detection content (☆196, updated this week)
- Read Windows message table entries. (☆11, Feb 5, 2023, updated 3 years ago)
- Evil Inject Finder Remote Capability and Parser (☆11, Nov 22, 2018, updated 7 years ago)
- GUI for regripper (☆11, Mar 19, 2019, updated 6 years ago)
- A script to assist in processing forensic RAM captures for malware triage (☆26, Feb 4, 2021, updated 5 years ago)
- A simple utility to generate real File and Active Directory activity in lab environments for the purposes of monitoring changes and detec… (☆11, Dec 4, 2018, updated 7 years ago)
- A tool that can be used to close network connections automatically with given parameters (☆14, Apr 19, 2023, updated 2 years ago)
- yaa - yaml search for humans (☆12, Dec 8, 2025, updated 2 months ago)
- some config files (☆14, updated this week)
- Parsers for .mdf file of Microsoft SQL Server (MSSQL) (☆15, Mar 28, 2020, updated 5 years ago)
- Turn any blog into structured threat intelligence. (☆52, updated this week)
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence… (☆77, Dec 15, 2025, updated 2 months ago)
- A sort of a toolkit to decrypt Dropbox Windows DBX files (☆31, Apr 30, 2017, updated 8 years ago)
- Small scripts and POCs related to digital forensics (☆18, Nov 1, 2022, updated 3 years ago)
- Virtual machines that are set up with a variety of known vulnerabilities. (☆17, Mar 1, 2022, updated 3 years ago)
- Collection of different Azure/Entra focused solutions (Deployable templates, Function Apps, etc) (☆79, updated this week)
- macOS Artifact Intelligence Tool (☆13, Apr 30, 2019, updated 6 years ago)
- Sabonis, a Digital Forensics and Incident Response pivoting tool (☆18, Mar 3, 2022, updated 3 years ago)
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB (☆24, Jun 27, 2025, updated 8 months ago)
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. (☆107, Nov 23, 2022, updated 3 years ago)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (☆150, Sep 21, 2024, updated last year)
- A small tool to easily mount APFS image on macOS for forensics. (☆16, Jul 30, 2020, updated 5 years ago)
- Fun tools around the EBS Direct API (☆19, Apr 16, 2021, updated 4 years ago)
- Indicators of compromise (☆17, Jan 29, 2026, updated last month)
- Sentinel Threat Intelligence Upload Toolkit (☆18, Jul 15, 2024, updated last year)
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper. (☆118, Nov 28, 2023, updated 2 years ago)
- The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect… (☆77, Feb 10, 2026, updated 2 weeks ago)