Alternatives and similar repositories for DOPP:

Users that are interested in DOPP are comparing it to the libraries listed below

• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆32Updated 3 months ago
• MeltingBot / fake_ransomware_group
  Interactive simulation of a fictional ransomware group's dashboard
  ☆12Updated 5 months ago
• ANSSI-FR / ORADAZ
  Outil de récupération automatique des données AZure / Automated tool for dumping Azure configuration data
  ☆18Updated 3 weeks ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆153Updated 10 months ago
• ANSSI-FR / guide-journalisation-microsoft
  Guide journalisation Microsoft
  ☆60Updated 8 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆118Updated 11 months ago
• tsale / EDR-Telemetry-Website
  ☆74Updated last week
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆167Updated last month
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆147Updated 6 months ago
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆37Updated last week
• lawndoc / Respotter
  Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
  ☆192Updated 2 months ago
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆71Updated 2 months ago
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆83Updated 4 months ago
• EfstratiosLontzetidis / pythia
  Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn…
  ☆32Updated 7 months ago
• khyrenz / parseusbs
  Parses USB connection artifacts from offline Registry hives
  ☆95Updated last month
• krdmnbrk / atomicgen.io
  A simple tool designed to create Atomic Red Team tests with ease.
  ☆38Updated last week
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆156Updated 2 months ago
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆119Updated last month
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆51Updated 4 months ago
• YoNixNeXRo / C2Live
  Track C2 servers, tools, and botnets over time by framework and location
  ☆37Updated last month
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆84Updated last month
• korniko98 / pivot-atlas
  ☆87Updated last month
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆90Updated 10 months ago
• xg5-simon / MS-Graph-BlueTeam
  MS Graph Commands and Tools for Blue Teamers
  ☆49Updated last year
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Updated last year
• MISP / misp-playbooks
  MISP Playbooks
  ☆188Updated last month
• magicsword-io / LOLRMM
  LotL RMM
  ☆149Updated this week
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆101Updated 5 months ago