HELK by Cyb3rWard0g

The Hunting ELK

updated at June 22, 2024, 8:04 a.m.

214 +0

3,722 +2

676 +1

cuckoo-modified by spender-sandbox

Modified edition of cuckoo

updated at June 22, 2024, 12:09 p.m.

72 +0

390 +1

178 +0

Shuffle by Shuffle

Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

updated at June 22, 2024, 2:03 p.m.

35 +0

1,314 +7

307 +0

security-apis by deralexxx

A collective list of public APIs for use in security. Contributions welcome

updated at June 22, 2024, 3:58 p.m.

59 +0

849 +2

131 +1

MemProcFS by ufrisk

MemProcFS

updated at June 22, 2024, 5:10 p.m.

78 +0

2,787 +21

348 +6

OSXAuditor by jipegit

OS X Auditor is a free Mac OS X computer forensics tool

updated at June 22, 2024, 5:16 p.m.

182 +0

3,129 +1

283 +0

RTA by endgameinc

None

updated at June 22, 2024, 5:17 p.m.

97 +0

1,041 +1

213 +0

awesome-event-ids by stuhli

Collection of Event ID ressources useful for Digital Forensics and Incident Response

updated at June 22, 2024, 5:31 p.m.

24 +0

555 +3

83 +0

IRTriage by AJMartel

Incident Response Triage - Windows Evidence Collection for Forensic Analysis

updated at June 22, 2024, 5:36 p.m.

17 +0

125 +1

26 +0

grr by google

GRR Rapid Response: remote live forensics for incident response

updated at June 22, 2024, 8:39 p.m.

317 +0

4,686 +5

760 +0

dissect by fox-it

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).

updated at June 22, 2024, 8:52 p.m.

19 +0

880 +3

61 +0

bulk_extractor by simsong

This is the development tree. Production downloads are at:

updated at June 22, 2024, 9:26 p.m.

74 +0

1,032 +3

183 +1

sigma by SigmaHQ

Main Sigma Rule Repository

updated at June 22, 2024, 10 p.m.

331 +1

7,825 +25

2,119 +1

timesketch by google

Collaborative forensic timeline analysis

updated at June 22, 2024, 10:36 p.m.

137 +0

2,522 +5

577 +0

volatility by volatilityfoundation

An advanced memory forensics framework

updated at June 23, 2024, 3:08 a.m.

307 +0

7,024 +13

1,258 +4

caldera by mitre

Automated Adversary Emulation Platform

updated at June 23, 2024, 3:33 a.m.

166 +0

5,306 +14

1,028 -1

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

updated at June 23, 2024, 3:34 a.m.

186 +0

3,276 +5

576 +1

Fenrir by Neo23x0

Simple Bash IOC Scanner

updated at June 23, 2024, 3:36 a.m.

41 +2

672 +1

103 +0

radare2 by radareorg

UNIX-like reverse engineering framework and command-line toolset

updated at June 23, 2024, 3:42 a.m.

486 +0

19,900 +40

2,951 +0

sysmon-modular by olafhartong

A repository of sysmon configuration modules

updated at June 23, 2024, 4:15 a.m.

165 +1

2,543 +5

572 +0