DidierStevensSuite by DidierStevens

Please no pull requests for this repository. Thanks!

created at May 8, 2015, 11:21 a.m.

127 +0

2,023 +8

531 +2

MozDef by mozilla

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

created at Feb. 18, 2014, 7:43 a.m.

151 +0

2,168 +0

328 +0

fibratus by rabbitstack

Adversary tradecraft detection, protection, and hunting

created at March 25, 2016, 11:28 a.m.

70 +0

2,210 +0

190 +0

EVTX-ATTACK-SAMPLES by sbousseaden

Windows Events Attack Samples

created at March 15, 2019, 8:45 a.m.

143 -1

2,248 +3

398 +0

hayabusa by Yamato-Security

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

created at Sept. 18, 2020, 5:04 a.m.

42 +1

2,305 +15

203 +0

APTSimulator by NextronSystems

A toolset to make a system look as if it was the victim of an APT attack

created at Feb. 3, 2018, 2:19 p.m.

122 +0

2,469 +6

428 +0

timesketch by google

Collaborative forensic timeline analysis

created at June 19, 2014, 5:49 p.m.

137 +0

2,614 +6

589 +0

sysmon-modular by olafhartong

A repository of sysmon configuration modules

created at Jan. 13, 2018, 9:20 p.m.

165 +0

2,664 +6

590 +2

volatility3 by volatilityfoundation

Volatility 3.0 development

created at Jan. 26, 2014, 6:09 p.m.

57 +0

2,694 +19

460 +2

rizin by rizinorg

UNIX-like reverse engineering framework and command-line toolset.

created at Sept. 30, 2020, 9:15 a.m.

47 +0

2,710 +5

363 +2

LogonTracer by JPCERTCC

Investigate malicious Windows logon by visualizing and analyzing Windows event log

created at Nov. 24, 2017, 6:07 a.m.

136 +0

2,735 +6

443 +0

streamalert by airbnb

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

created at Jan. 22, 2017, 1:10 a.m.

101 +0

2,861 +3

332 -1

chainsaw by WithSecureLabs

Rapidly Search and Hunt through Windows Forensic Artefacts

created at Aug. 13, 2021, 1:07 p.m.

53 +0

2,876 +12

264 +0

velociraptor by Velocidex

Digging Deeper....

created at March 24, 2018, 7:39 a.m.

75 +1

2,980 +11

492 +1

security-onion by Security-Onion-Solutions

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

created at March 24, 2015, 8:15 p.m.

301 +0

3,076 +3

522 +1

MemProcFS by ufrisk

MemProcFS

created at Nov. 18, 2018, 6:19 p.m.

85 +1

3,115 +39

380 +5

fleet by fleetdm

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)

created at Nov. 3, 2020, 10:17 p.m.

36 +2

3,119 +12

431 +4

OSXAuditor by jipegit

OS X Auditor is a free Mac OS X computer forensics tool

created at June 19, 2013, 5:26 p.m.

182 +0

3,128 +0

280 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

184 +0

3,402 +7

583 +0

HELK by Cyb3rWard0g

The Hunting ELK

created at March 14, 2017, 7:14 p.m.

215 +0

3,768 +1

684 +1