Alternatives and similar repositories for bulk_volatility_scanner

Users that are interested in bulk_volatility_scanner are comparing it to the libraries listed below

• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 4 years ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 10 years ago
• jakob-source / falcon-crowdstrike
  A collection of searches, interesting events and tables on Crowdstrike Splunk.
  ☆29Updated 4 years ago
• MISP / threat-actor-intelligence-server
  A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…
  ☆49Updated last week
• LDO-CERT / FireEye2TH
  FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆16Updated 6 years ago
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 5 years ago
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆54Updated 4 years ago
• mattnotmax / update-cyberchef
  CyberChef update scripts in PowerShell & Bash
  ☆16Updated last year
• ninoseki / iocingestor
  An extendable tool to extract and aggregate IoCs from threat feeds
  ☆33Updated last year
• jimtin / IRCoreForensicFramework
  Powershell / C# based cross platform forensic framework based for live incident response
  ☆23Updated 5 years ago
• cocaman / analysis_scripts
  Collection of scripts used to analyse malware or emails
  ☆20Updated 4 years ago
• weslambert / securityonion-strelka
  ☆13Updated 5 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆36Updated 2 years ago
• randomaccess3 / 4n6_stuff
  Git for me to put all my forensics stuff
  ☆22Updated this week
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 5 years ago
• dhoelzer / DAD
  Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.
  ☆23Updated 8 years ago
• EbryxLabs / __DFIR-scripts
  Quick & Dirty DFIR scripts developed by Ebryx DFIR team to keep handy during field assignment
  ☆14Updated 2 months ago
• jstnk9 / ETW-Almulahaza
  ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system
  ☆13Updated 3 years ago
• jonny-jhnson / Automated-Detection-Pipeline
  ☆15Updated 4 years ago
• mdegrazia / KAPE_Tools
  Tools and Binaries to use with KAPE
  ☆12Updated 6 years ago
• lasq88 / socgholish_finder
  ☆14Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• OllieJC / tbat
  Threat Box Assessment Tool
  ☆19Updated 4 years ago
• mvelazc0 / PurpleSpray
  PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…
  ☆51Updated 6 years ago
• Cyb3rWard0g / docker-caldera
  Docker Container to deploy Mitre Caldera Automated Adversary Emulation System
  ☆26Updated 4 years ago
• AbdulRhmanAlfaifi / Rhaegal
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆41Updated last year
• keydet89 / IWSBook
  Site for IWS book content
  ☆17Updated 6 years ago
• NVISOsecurity / nviso-cti
  ☆44Updated last month
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆74Updated 3 years ago
• DefensiveOrigins / APTv4_Defcon28
  Defcon 28 - Red Team Village - Applied Purple Teaming - Why Can't We Be Friends
  ☆26Updated 5 years ago