rcobb76101 / bulk_volatility_scannerLinks
Python script to run battery of Volatility plugins against a forensic memory image
☆10Updated 6 years ago
Alternatives and similar repositories for bulk_volatility_scanner
Users that are interested in bulk_volatility_scanner are comparing it to the libraries listed below
Sorting:
- A script to assist in processing forensic RAM captures for malware triage☆26Updated 4 years ago
- PowerShell Memory Pulling script☆19Updated 10 years ago
- ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system☆13Updated 3 years ago
- Quick & Dirty DFIR scripts developed by Ebryx DFIR team to keep handy during field assignment☆14Updated last week
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41Updated 4 years ago
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.☆13Updated 5 years ago
- Collection of scripts used to analyse malware or emails☆20Updated 5 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆42Updated 2 years ago
- Windows Security Logging☆43Updated 3 years ago
- ☆29Updated 11 months ago
- Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati…☆38Updated last year
- An extendable tool to extract and aggregate IoCs from threat feeds☆34Updated last year
- A list of IOCs applicable to PoshC2☆24Updated 5 years ago
- Carbon Black Response IR tool☆55Updated 5 years ago
- ☆46Updated 2 years ago
- Site for IWS book content☆17Updated 7 years ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 7 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Updated 3 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆29Updated 4 years ago
- A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…☆50Updated 3 months ago
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆12Updated last year
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Updated 2 weeks ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Updated 3 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆35Updated 3 years ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to …☆27Updated 3 years ago
- Threat Box Assessment Tool☆19Updated 4 years ago
- THOR MITRE ATT&CK Framework Coverage☆25Updated 5 years ago