teamdfir / sift
SIFT
☆503Updated last year
Alternatives and similar repositories for sift:
Users that are interested in sift are comparing it to the libraries listed below
- CLI tool to manage a SIFT Install☆419Updated 2 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆336Updated 2 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆500Updated 2 years ago
- CyLR - Live Response Collection Tool☆669Updated 2 years ago
- User guide of MISP☆266Updated 3 months ago
- A framework for orchestrating forensic collection, processing and data export☆307Updated 2 weeks ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆464Updated 6 years ago
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆308Updated last month
- Yara Rule Analyzer and Statistics☆372Updated 2 years ago
- A Powershell incident response framework☆1,591Updated 2 years ago
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries☆446Updated 3 years ago
- Digital Forensics artifact repository☆1,095Updated 3 months ago
- CRITs - Collaborative Research Into Threats☆900Updated 5 years ago
- Remote forensics meta tool☆466Updated last week
- MISP trainings, threat intel and information sharing training materials with source code☆404Updated last month
- Configuration files for the SOF-ELK VM☆1,574Updated this week
- AutoMacTC: Automated Mac Forensic Triage Collector☆535Updated 3 years ago
- Simple Bash IOC Scanner☆726Updated 3 years ago
- Documentation of TheHive☆396Updated last year
- Malware Configuration And Payload Extraction☆753Updated 4 months ago
- Modular file scanning/analysis framework☆618Updated 5 years ago
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆558Updated 2 weeks ago
- A set of Zeek scripts to detect ATT&CK techniques.☆583Updated 9 months ago
- Scripts and code referenced in CrowdStrike blog posts☆331Updated 5 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆912Updated last year
- Tool to extract indicators of compromise from security reports in PDF format☆434Updated 2 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆244Updated 3 years ago
- Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.☆270Updated 3 weeks ago
- Cortex Analyzers Repository☆450Updated this week
- ☆190Updated 10 months ago