solomonsonya / Xavier_MemoryAnalysis_Framework
Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.
☆45Updated 2 years ago
Alternatives and similar repositories for Xavier_MemoryAnalysis_Framework:
Users that are interested in Xavier_MemoryAnalysis_Framework are comparing it to the libraries listed below
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆30Updated 3 years ago
- Incident Response documents and tooling☆69Updated last year
- Jupyter Notebooks for the Blue Team☆145Updated last week
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆98Updated last year
- ☆67Updated 3 months ago
- Algorithme d'apprentissage statistique permettant de créer un modèle sur les lignes de commandes des évènements "Création de Processus", …☆83Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 10 months ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆146Updated 6 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆119Updated 11 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆153Updated 10 months ago
- A repository to share publicly available Velociraptor detection content☆138Updated this week
- This repo is where I store my Threat Hunting ideas/content☆87Updated last year
- Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection…☆16Updated last year
- Detection Engineering with YARA☆87Updated last year
- Completely Risky Active-Directory Simulation Hub☆99Updated last year
- Collection of scripts provided for public use☆34Updated 2 weeks ago
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆68Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated last month
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆58Updated 2 weeks ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 11 months ago
- Rules Shared by the Community from 100 Days of YARA 2023☆76Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆52Updated last year
- Some important DFIR Resources☆83Updated 2 years ago
- ☆6Updated 5 months ago
- The Threat Actor Profile Guide for CTI Analysts☆106Updated last year
- Harness the power of Splunk for your investigations☆94Updated last week
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Updated last year
- BlackBerry Threat Research & Intelligence☆98Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆118Updated last year