teamdfir / sift
SIFT
☆492Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for sift
- CLI tool to manage a SIFT Install☆416Updated last year
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆491Updated 2 years ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆463Updated 5 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆334Updated 2 years ago
- Digital Forensics artifact repository☆1,062Updated 3 months ago
- CyLR - Live Response Collection Tool☆646Updated 2 years ago
- A framework for orchestrating forensic collection, processing and data export☆296Updated this week
- Remote forensics meta tool☆462Updated 5 months ago
- User guide of MISP☆259Updated last month
- Documentation of TheHive☆393Updated last year
- MISP trainings, threat intel and information sharing training materials with source code☆390Updated this week
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆300Updated 5 months ago
- Scripts and code referenced in CrowdStrike blog posts☆330Updated 5 years ago
- Configuration files for the SOF-ELK VM☆1,496Updated this week
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries☆441Updated 2 years ago
- Autopsy Python Plugins☆339Updated 8 months ago
- A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.☆596Updated last week
- Python library using the MISP Rest API☆446Updated this week
- FAME Automates Malware Evaluation☆862Updated this week
- A Powershell incident response framework☆1,559Updated 2 years ago
- Salt States for Configuring the SIFT Workstation☆97Updated this week
- A collection of sources of indicators of compromise.☆806Updated last month
- Yara Rule Analyzer and Statistics☆359Updated last year
- Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber☆398Updated last year
- Tool to extract indicators of compromise from security reports in PDF format☆429Updated last year
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆238Updated 3 years ago
- Evolving directions on building the best Open Source Forensics VM☆159Updated 6 years ago
- ☆273Updated last year
- Simple Bash IOC Scanner☆697Updated 2 years ago