Salt States for Configuring the SIFT Workstation
☆107Feb 18, 2026Updated last week
Alternatives and similar repositories for sift-saltstack
Users that are interested in sift-saltstack are comparing it to the libraries listed below
Sorting:
- CLI tool to manage a SIFT Install☆420Mar 25, 2023Updated 2 years ago
- Volatility plugins developed and maintained by the community☆21Sep 18, 2024Updated last year
- SIFT☆534Feb 14, 2024Updated 2 years ago
- SIFT Bootstrap Script☆145Jun 20, 2017Updated 8 years ago
- Packer.io Scripts to build the SIFT VM(s)☆10Aug 29, 2020Updated 5 years ago
- This repository maintains the SaltStack state files for the REMnux distro.☆54Feb 14, 2026Updated 2 weeks ago
- Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux☆134Updated this week
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.☆10Sep 28, 2020Updated 5 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 6 years ago
- Small utility script to notify via Slack about Hashcat's progress during a password cracking session☆10Mar 10, 2019Updated 6 years ago
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆69Aug 7, 2020Updated 5 years ago
- Configuration files for the SOF-ELK VM☆1,719Jan 21, 2026Updated last month
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Oct 26, 2019Updated 6 years ago
- Windows Thingies in Python for live use.☆24Apr 22, 2019Updated 6 years ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Golang Parser for Microsoft Event Logs☆105Nov 7, 2025Updated 3 months ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Apr 24, 2018Updated 7 years ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆26Oct 27, 2019Updated 6 years ago
- A Golang Registry parser☆19Feb 3, 2025Updated last year
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Development guide for Volatility Plugins☆22Sep 6, 2017Updated 8 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆17Feb 5, 2016Updated 10 years ago
- ☆23May 7, 2021Updated 4 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions☆33Mar 25, 2021Updated 4 years ago
- A golang implementation of a prefetch parser.☆20Oct 27, 2025Updated 4 months ago
- A Powershell incident response framework☆1,640Nov 22, 2022Updated 3 years ago
- Backstage Parser☆33Jun 23, 2022Updated 3 years ago
- ☆14Oct 24, 2024Updated last year
- Windows 10 Live Information viewer☆38Jan 27, 2022Updated 4 years ago
- Git for me to put all my forensics stuff☆23Sep 2, 2025Updated 6 months ago
- Site for IWS book content☆17Oct 28, 2018Updated 7 years ago
- CyLR - Live Response Collection Tool☆711Jun 1, 2022Updated 3 years ago
- Office365 Log Analysis Framework☆81Jun 6, 2019Updated 6 years ago
- ☆280Apr 6, 2023Updated 2 years ago