solomonsonya / Xavier_MemoryAnalysis_Framework
Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.
☆45Updated 2 years ago
Related projects: ⓘ
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆94Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆29Updated 2 years ago
- ☆46Updated last week
- Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection…☆16Updated last year
- Incident Response documents and tooling☆57Updated 11 months ago
- Harness the power of Splunk for your investigations☆66Updated last month
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆75Updated 3 months ago
- Some important DFIR Resources☆81Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 4 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆108Updated 5 months ago
- CarbonBlack EDR detection rules and response actions☆70Updated last week
- Detection Engineering with YARA☆84Updated 8 months ago
- Completely Risky Active-Directory Simulation Hub☆99Updated 9 months ago
- Jupyter Notebooks for the Blue Team☆139Updated last year
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- The Threat Actor Profile Guide for CTI Analysts☆89Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆113Updated 9 months ago
- Intelligence Architecture Mind Map☆110Updated 6 months ago
- Collection of scripts provided for public use☆28Updated last month
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆73Updated 3 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆74Updated 3 weeks ago
- Active C&C Detector☆148Updated 11 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆147Updated 3 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆89Updated 7 months ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆266Updated 3 weeks ago
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn…☆26Updated last month
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆62Updated last year
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆84Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆67Updated last year