Panorama by AlmCo

Fast incident overview

updated at Jan. 2, 2023, 1:12 a.m.

3 +0

38 +0

6 +0

pyarascanner by nogoodconfig

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

updated at July 6, 2023, 2:10 a.m.

3 +0

25 +0

4 +0

sqhunter by 0x4D31

A simple threat hunting tool based on osquery, Salt Open and Cymon API

updated at Jan. 3, 2024, 2:14 p.m.

12 +0

65 +0

15 +0

domfind by diogo-fernan

A Python DNS crawler to find identical domain names under different TLDs.

updated at Jan. 4, 2024, 12:28 p.m.

4 +0

20 +0

3 +0

Fastir_Collector_Linux by SekoiaLab

None

updated at Jan. 25, 2024, 4:16 p.m.

23 +0

165 +0

43 +0

CIRTKit by opensourcesec

Tools for the Computer Incident Response Team

updated at Jan. 31, 2024, 10:04 a.m.

19 +0

140 +0

25 +0

hostintel by keithjjones

A modular Python application to collect intelligence for malicious hosts.

updated at Feb. 9, 2024, 5:33 p.m.

30 +0

258 +0

52 +0

imagemounter by ralphje

Command line utility and Python package to ease the (un)mounting of forensic disk images

updated at March 1, 2024, 8:14 a.m.

13 +0

111 +0

36 +0

AutoTTP by jymcheong

Automated Tactics Techniques & Procedures

updated at March 8, 2024, 11:16 a.m.

24 +0

244 +0

64 +0

doorman by mwielgoszewski

an osquery fleet manager

updated at March 8, 2024, 11:26 a.m.

33 +0

616 +0

95 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

updated at March 20, 2024, 12:49 a.m.

17 +0

113 +0

25 +0

VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

updated at March 26, 2024, 6:38 a.m.

28 +0

192 +0

50 +0

cuckoo-modified by spender-sandbox

Modified edition of cuckoo

updated at March 26, 2024, 7:39 p.m.

72 +0

388 +0

178 +0

artifacts-kb by ForensicArtifacts

Digital Forensics Artifacts Knowledge Base

updated at April 5, 2024, 10:45 p.m.

8 +0

69 +0

15 +0

winreg-kb by libyal

Windows Registry Knowledge Base

updated at April 9, 2024, 6:50 a.m.

16 +0

151 +0

20 +0

VolatilityBot by mkorman90

VolatilityBot – An automated memory analyzer for malware samples and memory dumps

updated at April 9, 2024, 9:41 p.m.

27 +0

259 +0

59 +0

mutablesecurity by MutableSecurity

CLI program for automating the setup, configuration, and use of cybersecurity solutions

updated at April 12, 2024, 10:36 p.m.

1 +0

41 +0

6 +0

Fastir_Collector by SekoiaLab

None

updated at April 23, 2024, 6:22 a.m.

63 +0

502 +0

128 +0

Hoarder by muteb

This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole har drive.

updated at April 25, 2024, 5:48 p.m.

10 +0

187 +0

18 +0

margaritashotgun by ThreatResponse

Remote Memory Acquisition Tool

updated at April 27, 2024, 8:50 a.m.

17 +0

235 +0

50 +0