rj-chap / CFWorkshopLinks
Understanding and analyzing carrier files workshop repo
☆51Updated 5 years ago
Alternatives and similar repositories for CFWorkshop
Users that are interested in CFWorkshop are comparing it to the libraries listed below
Sorting:
- Hunt malware with Volatility☆47Updated 2 months ago
- Scripts to facilitate filtering with Plaso☆126Updated 5 years ago
- The Windows Malware Analysis Reversing Core Tools☆96Updated 4 years ago
- ☆12Updated 11 months ago
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- Jupyter notebooks for threat hunting☆59Updated 6 months ago
- Random notes collected on the intertubes relating to DFIR☆34Updated 2 years ago
- Collection of scripts provided for public use☆37Updated last week
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆115Updated last year
- Blueteam operational triage registry hunting/forensic tool.☆149Updated 3 weeks ago
- Detection Ideas & Rules repository.☆179Updated 4 years ago
- Web application to create indexes for GIAC certification examinations.☆146Updated 2 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆84Updated 4 years ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 3 years ago
- ☆88Updated last month
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆84Updated 2 years ago
- ☆42Updated 4 years ago
- ☆35Updated 11 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- A GeoIP lookup utility utilizing ipinfo.io services.☆92Updated last year
- ☆77Updated 6 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆75Updated last year
- Automagically extract forensic timeline from volatile memory dump☆132Updated last year
- Repository of public reference frameworks for the DFIR community.☆118Updated 2 years ago
- My Jupyter Notebooks☆36Updated 6 months ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- Python library for threat intelligence☆89Updated 8 months ago
- MAEC Schemas and Schema Development☆88Updated 5 years ago
- Extract BITS jobs from QMGR queue and store them as CSV records☆75Updated 7 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago