solomonsonya / Xavier_MemoryAnalysis_FrameworkLinks
Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.
☆45Updated 2 years ago
Alternatives and similar repositories for Xavier_MemoryAnalysis_Framework
Users that are interested in Xavier_MemoryAnalysis_Framework are comparing it to the libraries listed below
Sorting:
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated 2 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆31Updated 3 years ago
- Some important DFIR Resources☆83Updated 2 years ago
- ☆68Updated 6 months ago
- Jupyter Notebooks for the Blue Team☆144Updated 3 months ago
- ☆66Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆85Updated 4 months ago
- Forensic Artifact Collection Tool Matrix☆85Updated 7 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- Incident Response documents and tooling☆74Updated last year
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆103Updated last year
- CarbonBlack EDR detection rules and response actions☆71Updated 9 months ago
- Detection Engineering with YARA☆87Updated last year
- Linux Baseline and Forensic Triage Tool - BETA☆55Updated 2 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆124Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆122Updated last year
- Repository of public reference frameworks for the DFIR community.☆116Updated last year
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆155Updated 2 months ago
- ☆8Updated 8 months ago
- Random notes collected on the intertubes relating to DFIR☆34Updated 2 years ago
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆24Updated 3 weeks ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.☆61Updated 11 months ago
- The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically foc…☆49Updated last year
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment.☆101Updated 2 months ago
- Collection of scripts provided for public use☆34Updated 2 months ago
- Understanding and analyzing carrier files workshop repo☆50Updated 5 years ago