weslambert / velociraptor-docker

Related projects ⓘ

Alternatives and complementary repositories for velociraptor-docker

• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆105Updated 2 years ago
• AndrewRathbun / Awesome-KAPE
  A curated list of KAPE-related resources
  ☆158Updated 6 months ago
• dfir-scripts / siftgrab
  ☆57Updated 3 weeks ago
• activecm / threat-tools
  Tools for simulating threats
  ☆178Updated last year
• ReconInfoSec / velociraptor-to-timesketch
  ☆1Updated last month
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆141Updated 2 weeks ago
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆75Updated 2 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆87Updated last week
• weslambert / velocistack
  ☆51Updated 6 months ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆109Updated last year
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆119Updated this week
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆76Updated last week
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆77Updated last week
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆104Updated this week
• blueteam0ps / AllthingsTimesketch
  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
  ☆94Updated last year
• ekristen / cast
  Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux
  ☆104Updated 2 weeks ago
• The-DFIR-Report / Yara-Rules
  ☆62Updated this week
• 3CORESec / SIEGMA
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆141Updated last year
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆101Updated this week
• MISP / misp-playbooks
  MISP Playbooks
  ☆174Updated this week
• Hestat / ossec-sysmon
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆87Updated 2 years ago
• magicsword-io / LOLRMM
  LotL RMM
  ☆101Updated last week
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆109Updated 11 months ago
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆258Updated 11 months ago
• ControlCompass / ControlCompass.github.io
  Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
  ☆123Updated 8 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆148Updated 6 months ago
• chocolatecoat / DFIR-Templates
  Incident Response documents and tooling
  ☆63Updated last year
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆49Updated last year
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆189Updated 3 weeks ago
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆94Updated last year