Repositories, listed in ascending order of stars. Each entry gives the description, creation date, primary language, then watchers, stars and forks, with the recorded change in parentheses.

awesome-forensics by cugu
  ⭐️ A curated list of awesome forensic analysis tools and resources
  created: March 29, 2016, 8:54 p.m. | language: unknown | watchers: 174 (+0) | stars: 4,003 (+8) | forks: 625 (+2)

ThreatHunter-Playbook by OTRF
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
  created: March 28, 2017, 3:07 a.m. | language: Python | watchers: 373 (+1) | stars: 4,032 (+9) | forks: 810 (+3)

grr by google
  GRR Rapid Response: remote live forensics for incident response
  created: Dec. 4, 2013, 12:17 a.m. | language: Python | watchers: 315 (-1) | stars: 4,789 (+6) | forks: 763 (+0)

sysmon-config by SwiftOnSecurity
  Sysmon configuration file template with default high-quality event tracing
  created: Feb. 1, 2017, 6:49 p.m. | language: unknown | watchers: 356 (+0) | stars: 4,810 (+2) | forks: 1,710 (+3)

capa by mandiant
  The FLARE team's open-source tool to identify capabilities in executable files.
  created: June 16, 2020, 9:24 p.m. | language: Python | watchers: 82 (+0) | stars: 4,886 (+11) | forks: 564 (+4)

cuckoo by cuckoosandbox
  Cuckoo Sandbox is an automated dynamic malware analysis system
  created: Sept. 7, 2011, 12:12 p.m. | language: JavaScript | watchers: 436 (+0) | stars: 5,564 (+0) | forks: 1,705 (+0)

caldera by mitre
  Automated Adversary Emulation Platform
  created: Nov. 29, 2017, 1:25 a.m. | language: Python | watchers: 171 (+0) | stars: 5,671 (+16) | forks: 1,077 (+3)

flare-vm by mandiant
  A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
  created: July 5, 2017, 9:17 p.m. | language: PowerShell | watchers: 200 (+0) | stars: 6,613 (+25) | forks: 922 (+3)

volatility by volatilityfoundation
  An advanced memory forensics framework
  created: April 24, 2014, 3:45 p.m. | language: Python | watchers: 310 (+1) | stars: 7,364 (+15) | forks: 1,282 (+2)

sigma by SigmaHQ
  Main Sigma Rule Repository
  created: Dec. 24, 2016, 9:48 a.m. | language: Python | watchers: 345 (-1) | stars: 8,397 (+28) | forks: 2,206 (+8)

atomic-red-team by redcanaryco
  Small and highly portable detection tests based on MITRE's ATT&CK.
  created: Oct. 11, 2017, 5:23 p.m. | language: C | watchers: 351 (-1) | stars: 9,815 (+26) | forks: 2,808 (+5)

cutter by rizinorg
  Free and Open Source Reverse Engineering Platform powered by rizin
  created: Sept. 25, 2017, 9:50 a.m. | language: C++ | watchers: 305 (+0) | stars: 15,905 (+20) | forks: 1,150 (+0)

radare2 by radareorg
  UNIX-like reverse engineering framework and command-line toolset
  created: July 3, 2012, 7:42 a.m. | language: C | watchers: 489 (+1) | stars: 20,749 (+39) | forks: 3,007 (+1)

ghidra by NationalSecurityAgency
  Ghidra is a software reverse engineering (SRE) framework
  created: March 1, 2019, 3:27 a.m. | language: Java | watchers: 1,038 (+1) | stars: 52,058 (+194) | forks: 5,899 (+6)