Alternatives and similar repositories for lightgrep:

Users that are interested in lightgrep are comparing it to the libraries listed below

• 00010111 / smbtimeline
  ☆32Updated 3 months ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆76Updated 8 months ago
• TazWake / Public
  Collection of scripts provided for public use
  ☆34Updated 2 months ago
• The-DFIR-Report / cyberchef-recipes
  ☆18Updated 2 years ago
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆50Updated 6 months ago
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆64Updated this week
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆104Updated 2 months ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆55Updated last year
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆65Updated 10 months ago
• RH-ISAC / PyOTI
  Python library for threat intelligence
  ☆81Updated this week
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆50Updated last year
• AndrewRathbun / EventTranscript.db-Research
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆39Updated 2 years ago
• brimorlabs / KStrike
  Stand-alone parser for User Access Logging from Server 2012 and newer systems
  ☆72Updated last year
• Velocidex / velociraptor-docs
  Documentation site for Velociraptor
  ☆39Updated this week
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 8 months ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆4Updated 2 months ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆110Updated last year
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆115Updated last year
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆43Updated 8 months ago
• AndrewRathbun / DFIRPowerShellScripts
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆44Updated 3 months ago
• invictus-ir / o365_dataset
  A dataset containing Office 365 Unified Audit Logs for security research and detection
  ☆48Updated 2 years ago
• neolea / neolea-training-materials
  Open source training materials for law-enforcement and organisations interested in DFIR.
  ☆56Updated this week
• strozfriedberg / greppin-logs
  2021 SANS DFIR Summit: Greppin' Logs
  ☆21Updated 3 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 3 years ago
• brimorlabs / rdpieces
  The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images
  ☆78Updated last year
• gajos112 / PowerShell-Timeliner
  ☆13Updated 2 years ago
• AndrewRathbun / DFIRRegex
  A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
  ☆90Updated 2 years ago
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆15Updated 2 years ago
• pfpt-andrew / Rapid-Response-Reporting
  RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…
  ☆36Updated 2 years ago