mutablesecurity by MutableSecurity

CLI program for automating the setup, configuration, and use of cybersecurity solutions

updated at Aug. 23, 2024, 2:58 p.m.

1 +0

43 +0

7 +0

pyarascanner by nogoodconfig

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

updated at Aug. 24, 2024, 4:20 p.m.

3 +0

26 +0

4 +0

Panorama by AlmCo

Fast incident overview

updated at Aug. 24, 2024, 4:57 p.m.

3 +0

39 +0

7 +0

AutoTTP by jymcheong

Automated Tactics Techniques & Procedures

updated at Sept. 9, 2024, 2:37 a.m.

24 +0

251 +0

64 +0

VolatilityBot by mkorman90

VolatilityBot – An automated memory analyzer for malware samples and memory dumps

updated at Sept. 15, 2024, 8:26 p.m.

27 +0

263 +0

59 +0

CIRTKit by opensourcesec

Tools for the Computer Incident Response Team

updated at Oct. 3, 2024, 5:12 a.m.

20 +0

142 +0

25 +0

hostintel by keithjjones

A modular Python application to collect intelligence for malicious hosts.

updated at Oct. 3, 2024, 5:12 a.m.

30 +0

262 +0

51 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

updated at Oct. 3, 2024, 5:12 a.m.

17 +0

118 +0

25 +0

cuckoo-modified-api by keithjjones

A Python library to interface with a cuckoo-modified instance

updated at Oct. 3, 2024, 5:12 a.m.

6 +0

21 +0

7 +0

dfirtrack by dfirtrack

DFIRTrack - The Incident Response Tracking Application

updated at Oct. 17, 2024, 7:23 a.m.

25 +0

482 +0

75 +0

rastrea2r by rastrea2r

Collecting & Hunting for IOCs with gusto and style

updated at Oct. 21, 2024, 7:56 a.m.

17 +0

238 +0

53 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

updated at Oct. 21, 2024, 10:37 a.m.

18 +0

174 +0

40 +0

domfind by diogo-fernan

A Python DNS crawler to find identical domain names under different TLDs.

updated at Oct. 22, 2024, 7:12 p.m.

4 +0

24 +0

3 +0

viper by viper-framework

Binary analysis and management framework

updated at Oct. 25, 2024, 1:49 a.m.

148 +0

1,539 +0

350 +0

artifacts-kb by ForensicArtifacts

Digital Forensics Artifacts Knowledge Base

updated at Nov. 2, 2024, 12:41 a.m.

7 +0

75 +0

16 +0

MozDef by mozilla

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

updated at Nov. 2, 2024, 2:03 p.m.

151 +0

2,168 +0

328 +0

acquire by fox-it

acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.

updated at Nov. 5, 2024, 6:53 a.m.

15 +0

91 +0

26 +0

winreg-kb by libyal

Windows Registry Knowledge Base

updated at Nov. 6, 2024, 2:18 p.m.

15 +0

162 +0

20 +0

osxcollector by Yelp

A forensic evidence collection & analysis toolkit for OS X

updated at Nov. 6, 2024, 2:25 p.m.

125 +0

1,875 +0

243 +0

appcompatprocessor by mbevilacqua

"Evolving AppCompat/AmCache data analysis beyond grep"

updated at Nov. 7, 2024, 6:55 a.m.

17 +0

197 +0

25 +0