viper by viper-framework

Binary analysis and management framework

created at Nov. 9, 2013, 6:24 p.m.

148 +0

1,539 +0

350 +0

grr by google

GRR Rapid Response: remote live forensics for incident response

created at Dec. 4, 2013, 12:17 a.m.

316 +1

4,783 +9

763 +2

volatility3 by volatilityfoundation

Volatility 3.0 development

created at Jan. 26, 2014, 6:09 p.m.

57 +0

2,694 +19

460 +2

imagemounter by ralphje

Command line utility and Python package to ease the (un)mounting of forensic disk images

created at Feb. 3, 2014, 10:27 a.m.

13 +0

120 +0

35 -1

MozDef by mozilla

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

created at Feb. 18, 2014, 7:43 a.m.

151 +0

2,168 +0

328 +0

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

309 +0

7,349 +26

1,280 +2

hindsight by obsidianforensics

Web browser forensics for Google Chrome/Chromium

created at May 22, 2014, 3:25 a.m.

67 +0

1,087 +5

142 +1

timesketch by google

Collaborative forensic timeline analysis

created at June 19, 2014, 5:49 p.m.

137 +0

2,614 +6

589 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

created at July 15, 2014, 8:23 p.m.

18 +0

174 +0

40 +0

osxcollector by Yelp

A forensic evidence collection & analysis toolkit for OS X

created at Aug. 4, 2014, 6:25 p.m.

125 +0

1,875 +0

243 +0

plaso by log2timeline

Super timeline all the things

created at Sept. 8, 2014, 11:29 p.m.

94 +1

1,734 +2

352 +1

winreg-kb by libyal

Windows Registry Knowledge Base

created at Sept. 28, 2014, 5:15 a.m.

15 +0

162 +0

20 +0

artifacts by ForensicArtifacts

Digital Forensics artifact repository

created at Oct. 31, 2014, 7:13 p.m.

74 +0

1,062 +1

206 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

184 +0

3,402 +7

583 +0

VolatilityBot by mkorman90

VolatilityBot – An automated memory analyzer for malware samples and memory dumps

created at Feb. 4, 2015, 3:13 p.m.

27 +0

263 +0

59 +0

VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

created at April 19, 2015, 12:30 a.m.

28 +0

193 +1

50 +0

domfind by diogo-fernan

A Python DNS crawler to find identical domain names under different TLDs.

created at April 24, 2015, 10:18 a.m.

4 +0

24 +0

3 +0

DidierStevensSuite by DidierStevens

Please no pull requests for this repository. Thanks!

created at May 8, 2015, 11:21 a.m.

127 +0

2,023 +8

531 +2

playbooks by phantomcyber

Phantom Community Playbooks

created at Aug. 31, 2015, 10:35 p.m.

63 +0

472 +0

201 +0

CIRTKit by opensourcesec

Tools for the Computer Incident Response Team

created at Oct. 19, 2015, 3:50 p.m.

20 +0

142 +0

25 +0