tap-ir / tapir
TAPIR is a multi-user, client/server, incident response framework
☆44, updated 2 years ago
Alternatives and similar repositories for tapir:
Users that are interested in tapir are comparing it to the libraries listed below
- Scripts and tools accompanying HP Threat Research blog posts and reports. (☆50, updated last year)
- Python based CLI for MalwareBazaar (☆37, updated 5 months ago)
- (☆87, updated last year)
- 100 Days of YARA, to be updated with rules and ideas as the year progresses (☆60, updated 2 years ago)
- Hunt malware with Volatility (☆47, updated 11 months ago)
- Logbook for Digital Forensics and Incident Response (☆50, updated 9 months ago)
- Digital Forensics Artifacts Knowledge Base (☆81, updated 11 months ago)
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging. (☆21, updated 2 years ago)
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P… (☆26, updated 2 years ago)
- Malware similarity platform with modularity in mind. (☆78, updated 3 years ago)
- (☆15, updated 3 years ago)
- YARA rule analyzer to improve rule quality and performance (☆99, updated 2 weeks ago)
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. (☆76, updated 3 years ago)
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch (☆34, updated 3 years ago)
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction (☆76, updated last year)
- MasterParser is a simple, all-in-one, digital forensics artifact parser (☆22, updated 3 years ago)
- Yara rules (☆21, updated 2 years ago)
- Standardized Malware Analysis Tool (☆52, updated 4 years ago)
- Jupyter Notebooks for Cyber Threat Intelligence (☆35, updated last year)
- (☆38, updated 3 years ago)
- Scripts and lists to help generate YARA friendly string mutations (☆21, updated 2 years ago)
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… (☆51, updated 4 months ago)
- Carve file metadata from NTFS index ($I30) attributes (☆63, updated last year)
- Information about the open-source-dfir slack community (☆29, updated last year)
- C2 Active Scanner (☆57, updated 10 months ago)
- Automagically extract forensic timeline from volatile memory dump (☆130, updated 11 months ago)
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. (☆31, updated 2 months ago)
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database. (☆64, updated 2 years ago)
- Initial triage of Windows Event logs (☆97, updated 10 months ago)
- (☆38, updated 3 years ago)