Salt States for Configuring the SIFT Workstation
☆108Mar 19, 2026Updated this week
Alternatives and similar repositories for sift-saltstack
Users that are interested in sift-saltstack are comparing it to the libraries listed below
Sorting:
- Volatility plugins developed and maintained by the community☆21Sep 18, 2024Updated last year
- SIFT Bootstrap Script☆145Jun 20, 2017Updated 8 years ago
- CLI tool to manage a SIFT Install☆420Mar 25, 2023Updated 2 years ago
- SIFT☆536Feb 14, 2024Updated 2 years ago
- Packer.io Scripts to build the SIFT VM(s)☆10Aug 29, 2020Updated 5 years ago
- This repository maintains the SaltStack state files for the REMnux distro.☆55Mar 11, 2026Updated last week
- Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux☆135Mar 15, 2026Updated last week
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆69Aug 7, 2020Updated 5 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Apr 24, 2018Updated 7 years ago
- Configuration files for the SOF-ELK VM☆1,723Jan 21, 2026Updated 2 months ago
- Windows Thingies in Python for live use.☆24Apr 22, 2019Updated 6 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Docker container of SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3☆11Oct 9, 2016Updated 9 years ago
- Site for IWS book content☆17Oct 28, 2018Updated 7 years ago
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.☆10Sep 28, 2020Updated 5 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago
- Development guide for Volatility Plugins☆22Sep 6, 2017Updated 8 years ago
- parser for Google search strings☆40Sep 14, 2019Updated 6 years ago
- ☆14Oct 24, 2024Updated last year
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Oct 26, 2019Updated 6 years ago
- A Powershell incident response framework☆1,640Nov 22, 2022Updated 3 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 7 years ago
- Golang Parser for Microsoft Event Logs☆107Nov 7, 2025Updated 4 months ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆17Feb 5, 2016Updated 10 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Jan 16, 2018Updated 8 years ago
- Automated Memory Forensic☆34Jul 18, 2018Updated 7 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- CyLR - Live Response Collection Tool☆714Jun 1, 2022Updated 3 years ago
- Forensic Scanner☆41Nov 29, 2012Updated 13 years ago
- Presentation Slides and Video links☆32Nov 8, 2021Updated 4 years ago
- Small utility script to notify via Slack about Hashcat's progress during a password cracking session☆10Mar 10, 2019Updated 7 years ago
- A Backup for BMC Viewer☆33Nov 4, 2017Updated 8 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- ☆176Jan 26, 2021Updated 5 years ago
- Digital Forensics artifact repository☆1,213Feb 11, 2026Updated last month
- Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…☆57Apr 13, 2024Updated last year
- ☆31Feb 15, 2017Updated 9 years ago