cutter by rizinorg

Free and Open Source Reverse Engineering Platform powered by rizin

updated at May 12, 2024, 9:30 p.m.

300 -1

15,111 +47

1,129 +1

CAPEv2 by kevoreilly

Malware Configuration And Payload Extraction

updated at May 12, 2024, 9:27 p.m.

65 +0

1,691 +15

380 +2

chainsaw by WithSecureLabs

Rapidly Search and Hunt through Windows Forensic Artefacts

updated at May 12, 2024, 9:01 p.m.

49 +1

2,562 +9

229 +1

ghidra by NationalSecurityAgency

Ghidra is a software reverse engineering (SRE) framework

updated at May 12, 2024, 8:26 p.m.

1,023 +2

47,946 +132

5,556 +14

uac by tclahr

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

updated at May 12, 2024, 7:59 p.m.

27 +0

638 +9

103 +0

MemProcFS by ufrisk

MemProcFS

updated at May 12, 2024, 7:48 p.m.

76 +0

2,675 +9

331 +1

EVTX-ATTACK-SAMPLES by sbousseaden

Windows Events Attack Samples

updated at May 12, 2024, 7:47 p.m.

144 +0

2,136 +5

392 +0

caldera by mitre

Automated Adversary Emulation Platform

updated at May 12, 2024, 5:38 p.m.

168 +2

5,206 +19

1,014 +2

capa by mandiant

The FLARE team's open-source tool to identify capabilities in executable files.

updated at May 12, 2024, 4:59 p.m.

78 +0

3,881 +14

491 +0

hayabusa by Yamato-Security

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

updated at May 12, 2024, 4:41 p.m.

42 +0

1,969 +14

169 +2

dftimewolf by log2timeline

A framework for orchestrating forensic collection, processing and data export

updated at May 12, 2024, 4 p.m.

25 +0

276 +3

67 +0

plaso by log2timeline

Super timeline all the things

updated at May 12, 2024, 4 p.m.

92 +0

1,628 +4

324 +0

sysmon-config by SwiftOnSecurity

Sysmon configuration file template with default high-quality event tracing

updated at May 12, 2024, 3:41 p.m.

357 +0

4,591 +10

1,670 +1

flare-vm by mandiant

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

updated at May 12, 2024, 3:20 p.m.

199 +1

5,893 +18

868 +3

Shuffle by Shuffle

Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

updated at May 12, 2024, 2:41 p.m.

34 +0

1,273 +10

301 +2

velociraptor by Velocidex

Digging Deeper....

updated at May 12, 2024, 2:26 p.m.

70 +0

2,692 +19

450 +3

volatility3 by volatilityfoundation

Volatility 3.0 development

updated at May 12, 2024, 1:17 p.m.

55 +0

2,236 +15

371 +2

Zircolite by wagga40

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

updated at May 12, 2024, 12:13 p.m.

24 +0

601 +3

84 +0

DidierStevensSuite by DidierStevens

Please no pull requests for this repository. Thanks!

updated at May 12, 2024, 11:19 a.m.

122 +0

1,843 +3

503 +2

rizin by rizinorg

UNIX-like reverse engineering framework and command-line toolset.

updated at May 12, 2024, 10:49 a.m.

46 -1

2,458 +8

330 +1