Alternatives and similar repositories for MemLabs

Users that are interested in MemLabs are comparing it to the libraries listed below

• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,502Jan 24, 2023Updated 3 years ago
• alexandreborges / malwoverview

  View on GitHub
  Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…
  ☆3,531Jan 20, 2026Updated 3 weeks ago
• AndrewRathbun / DFIRArtifactMuseum

  View on GitHub
  The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…
  ☆645Nov 7, 2025Updated 3 months ago
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,440Oct 12, 2025Updated 4 months ago
• ashemery / LinuxForensics

  View on GitHub
  Everything related to Linux Forensics
  ☆719Jul 13, 2023Updated 2 years ago
• cugu / awesome-forensics

  View on GitHub
  ⭐️ A curated list of awesome forensic analysis tools and resources
  ☆4,879Feb 5, 2026Updated last week
• jstrosch / malware-samples

  View on GitHub
  Malware samples, analysis exercises and other interesting resources.
  ☆1,612Jan 13, 2024Updated 2 years ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,901Jul 6, 2024Updated last year
• mattnotmax / cyberchef-recipes

  View on GitHub
  A list of cyber-chef recipes and curated links
  ☆2,183Jun 14, 2024Updated last year
• dwmetz / CyberPipe

  View on GitHub
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆342Dec 3, 2025Updated 2 months ago
• frankwxu / digital-forensics-lab

  View on GitHub
  Free hands-on digital forensics labs for students and faculty
  ☆2,416Feb 4, 2026Updated last week
• CrowdStrike / SuperMem

  View on GitHub
  A python script developed to process Windows memory images based on triage type.
  ☆264Nov 25, 2023Updated 2 years ago
• LETHAL-FORENSICS / MemProcFS-Analyzer

  View on GitHub
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆693Oct 22, 2025Updated 3 months ago
• sans-blue-team / DeepBlueCLI

  View on GitHub
  ☆2,383Oct 14, 2023Updated 2 years ago
• mandiant / flare-vm

  View on GitHub
  A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…
  ☆8,338Dec 23, 2025Updated last month
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• bluecapesecurity / PWF

  View on GitHub
  Practical Windows Forensics Training
  ☆740Updated this week
• meirwah / awesome-incident-response

  View on GitHub
  A curated list of tools for incident response
  ☆8,808Jul 18, 2024Updated last year
• volatilityfoundation / volatility

  View on GitHub
  An advanced memory forensics framework
  ☆7,963May 16, 2025Updated 8 months ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆643Jun 19, 2024Updated last year
• Yamato-Security / hayabusa

  View on GitHub
  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
  ☆3,014Feb 4, 2026Updated last week
• Velocidex / velociraptor

  View on GitHub
  Digging Deeper....
  ☆3,747Feb 5, 2026Updated last week
• DFIRKuiper / Kuiper

  View on GitHub
  Digital Forensics Investigation Platform
  ☆870Oct 12, 2024Updated last year
• JPCERTCC / LogonTracer

  View on GitHub
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆3,049Oct 19, 2025Updated 3 months ago
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• LOLBAS-Project / LOLBAS

  View on GitHub
  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
  ☆8,311Dec 6, 2025Updated 2 months ago
• EricZimmerman / KapeFiles

  View on GitHub
  This repository serves as a place for community created Targets and Modules for use with KAPE.
  ☆815Feb 4, 2026Updated last week
• last-byte / PersistenceSniper

  View on GitHub
  Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows…
  ☆2,048Dec 11, 2024Updated last year
• ForensicArtifacts / artifacts

  View on GitHub
  Digital Forensics artifact repository
  ☆1,201Feb 7, 2026Updated last week
• splunk / attack_range

  View on GitHub
  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…
  ☆2,433Feb 7, 2026Updated last week
• cyb3rfox / Aurora-Incident-Response

  View on GitHub
  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  ☆960Oct 5, 2023Updated 2 years ago
• NextronSystems / APTSimulator

  View on GitHub
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,710Sep 23, 2025Updated 4 months ago
• InQuest / awesome-yara

  View on GitHub
  A curated list of awesome YARA rules, tools, and people.
  ☆4,136Mar 26, 2025Updated 10 months ago
• hasherezade / malware_training_vol1

  View on GitHub
  Materials for Windows Malware Analysis training (volume 1)
  ☆2,024Jul 1, 2024Updated last year
• philhagen / sof-elk

  View on GitHub
  Configuration files for the SOF-ELK VM
  ☆1,715Jan 21, 2026Updated 3 weeks ago
• decalage2 / oletools

  View on GitHub
  oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware a…
  ☆3,280Jan 26, 2026Updated 2 weeks ago
• mandiant / flare-floss

  View on GitHub
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,877Feb 3, 2026Updated last week
• malrev / ABD

  View on GitHub
  Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories
  ☆1,159Nov 14, 2020Updated 5 years ago
• mandiant / capa

  View on GitHub
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆5,813Feb 5, 2026Updated last week