theflakes / Linux_Forensic_Harvester

Related projects: ⓘ

• theflakes / reg_hunter
  Blueteam operational triage registry hunting/forensic tool.
  ☆142Updated last year
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆70Updated 2 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• ezaspy / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆29Updated 2 months ago
• forensicanalysis / artifacts
  📇 Digital Forensics Artifact Repository (forensicanalysis edition)
  ☆71Updated 7 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• dnif / content
  ☆27Updated this week
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆71Updated 4 months ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆83Updated 3 months ago
• blackberry / threat-research-and-intelligence
  BlackBerry Threat Research & Intelligence
  ☆90Updated 11 months ago
• StevenD33 / Lab-DFIR-SOC
  ☆62Updated 3 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆49Updated 2 months ago
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆48Updated 2 months ago
• CrowdStrike / xwf-yara-scanner
  ☆84Updated 7 months ago
• alex-cart / LEAF
  Linux Evidence Acquisition Framework
  ☆114Updated 2 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆108Updated 9 months ago
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆69Updated last week
• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆32Updated last year
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆41Updated 4 months ago
• TobySalusky / cont3xt
  Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati…
  ☆36Updated 6 months ago
• TazWake / Public
  Collection of scripts provided for public use
  ☆28Updated last month
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆47Updated 2 weeks ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆66Updated 9 months ago
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆37Updated last month
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆34Updated 9 months ago
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆73Updated 3 years ago
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆64Updated 2 years ago
• RH-ISAC / PyOTI
  Python library for threat intelligence
  ☆78Updated 2 months ago