Alternatives and similar repositories for virustotal3

Users that are interested in virustotal3 are comparing it to the libraries listed below

• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆131Updated last year
• hatching / triage
  Hatching Triage public command-line utility and API library.
  ☆74Updated 2 years ago
• nbeede / BoomBox
  Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
  ☆240Updated 2 years ago
• davidpany / WMI_Forensics
  ☆308Updated 5 years ago
• airbus-cert / regrippy
  A modern Python-3-based alternative to RegRipper
  ☆205Updated 9 months ago
• InQuest / yara-rules
  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
  ☆387Updated 3 years ago
• mark-hallman / plaso_filters
  Scripts to facilitate filtering with Plaso
  ☆127Updated 5 years ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆203Updated 9 months ago
• annamcabee / Mitre-Attack-API
  Python module to interact with the MITRE attack framework via the MITRE API
  ☆85Updated 8 years ago
• 13Cubed / Abeebus
  A GeoIP lookup utility utilizing ipinfo.io services.
  ☆93Updated 2 years ago
• Xumeiquer / yara-forensics
  Set of Yara rules for finding files using magics headers
  ☆141Updated 5 years ago
• marcurdy / dfir-toolset
  Dump of organized knowledge on DFIR
  ☆135Updated 4 years ago
• fireeye / HXTool
  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic…
  ☆84Updated last year
• target / halogen
  Automatically create YARA rules from malicious documents.
  ☆212Updated 3 years ago
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆265Updated 2 years ago
• EricZimmerman / RECmd
  Command line access to the Registry
  ☆161Updated 2 months ago
• dod-cyber-crime-center / DC3-MWCP
  DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …
  ☆339Updated 10 months ago
• Neo23x0 / vti-dorks
  Awesome VirusTotal Intelligence Search Queries
  ☆332Updated 2 years ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆114Updated 7 months ago
• mbevilacqua / appcompatprocessor
  "Evolving AppCompat/AmCache data analysis beyond grep"
  ☆206Updated 4 years ago
• EricZimmerman / ericzimmerman.github.io
  Software downloads
  ☆109Updated 7 months ago
• carbonblack / tau-tools
  A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit
  ☆240Updated 4 years ago
• StrangerealIntel / EternalLiberty
  ☆212Updated 6 months ago
• CheckPointSW / Cuckoo-AWS
  Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…
  ☆135Updated 3 years ago
• MAECProject / schemas
  MAEC Schemas and Schema Development
  ☆89Updated 5 years ago
• msuhanov / dfir_ntfs
  An NTFS/FAT parser for digital forensics & incident response
  ☆218Updated 2 months ago
• CybercentreCanada / assemblyline-base
  Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)
  ☆70Updated last week
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆336Updated last week
• MISP / misp-book
  User guide of MISP
  ☆281Updated last year
• MHaggis / CBR-Queries
  Collection of useful, up to date, Carbon Black Response Queries
  ☆84Updated 5 years ago