MemProcFS by ufrisk
MemProcFS
C | updated at May 26, 2024, 7:20 a.m.
Watchers 78 (+1) | Stars 2,706 (+19) | Forks 334 (+2)
GitHub

cutter by rizinorg
Free and Open Source Reverse Engineering Platform powered by rizin
C++ | updated at May 26, 2024, 6:30 a.m.
Watchers 300 (+0) | Stars 15,171 (+35) | Forks 1,133 (+4)
GitHub

ghidra by NationalSecurityAgency
Ghidra is a software reverse engineering (SRE) framework
Java | updated at May 26, 2024, 5:26 a.m.
Watchers 1,024 (-2) | Stars 48,170 (+124) | Forks 5,579 (+15)
GitHub

volatility3 by volatilityfoundation
Volatility 3.0 development
Python | updated at May 26, 2024, 4:26 a.m.
Watchers 55 (+0) | Stars 2,270 (+18) | Forks 373 (+2)
GitHub

volatility by volatilityfoundation
An advanced memory forensics framework
Python | updated at May 26, 2024, 4:12 a.m.
Watchers 307 (-1) | Stars 6,973 (+17) | Forks 1,250 (+1)
GitHub

capa by mandiant
The FLARE team's open-source tool to identify capabilities in executable files.
Python | updated at May 26, 2024, 4:09 a.m.
Watchers 79 (+0) | Stars 3,912 (+15) | Forks 494 (+0)
GitHub

flare-vm by mandiant
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
PowerShell | updated at May 26, 2024, 4:09 a.m.
Watchers 200 (+2) | Stars 5,948 (+32) | Forks 873 (+2)
GitHub

fleet by fleetdm
Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
Go | updated at May 26, 2024, 3:31 a.m.
Watchers 31 (-1) | Stars 2,204 (+13) | Forks 359 (+5)
GitHub

DidierStevensSuite by DidierStevens
Please no pull requests for this repository. Thanks!
Python | updated at May 26, 2024, 3:04 a.m.
Watchers 122 (+0) | Stars 1,858 (+11) | Forks 503 (+1)
GitHub

plaso by log2timeline
Super timeline all the things
Python | updated at May 26, 2024, 1:36 a.m.
Watchers 92 (+0) | Stars 1,637 (+8) | Forks 325 (+2)
GitHub

fibratus by rabbitstack
A modern tool for Windows kernel exploration and tracing with a focus on security
Go | updated at May 26, 2024, 1:36 a.m.
Watchers 71 (-1) | Stars 2,093 (+6) | Forks 183 (+0)
GitHub

radare2 by radareorg
UNIX-like reverse engineering framework and command-line toolset
C | updated at May 26, 2024, 12:29 a.m.
Watchers 483 (+0) | Stars 19,752 (+26) | Forks 2,942 (+3)
GitHub

hayabusa by Yamato-Security
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Rust | updated at May 25, 2024, 9:52 p.m.
Watchers 42 (+0) | Stars 1,992 (+9) | Forks 170 (+0)
GitHub

APTSimulator by NextronSystems
A toolset to make a system look as if it was the victim of an APT attack
Batchfile | updated at May 25, 2024, 9:23 p.m.
Watchers 120 (+0) | Stars 2,391 (+7) | Forks 416 (+0)
GitHub

ThreatHunter-Playbook by OTRF
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Python | updated at May 25, 2024, 9:21 p.m.
Watchers 369 (-1) | Stars 3,884 (+7) | Forks 796 (+0)
GitHub

uac by tclahr
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
Shell | updated at May 25, 2024, 9:09 p.m.
Watchers 27 (+0) | Stars 647 (+6) | Forks 104 (+0)
GitHub

awesome-forensics by cugu
A curated list of awesome forensic analysis tools and resources
Unknown languages | updated at May 25, 2024, 7:47 p.m.
Watchers 167 (+0) | Stars 3,638 (+23) | Forks 593 (-1)
GitHub

grr by google
GRR Rapid Response: remote live forensics for incident response
Python | updated at May 25, 2024, 6:40 p.m.
Watchers 316 (+0) | Stars 4,667 (+6) | Forks 760 (-1)
GitHub

Meerkat by TonyPhipps
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
PowerShell | updated at May 25, 2024, 6:22 p.m.
Watchers 31 (+0) | Stars 424 (+1) | Forks 84 (+0)
GitHub

timesketch by google
Collaborative forensic timeline analysis
Python | updated at May 25, 2024, 5:44 p.m.
Watchers 138 (+0) | Stars 2,507 (+5) | Forks 573 (+3)
GitHub