VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

updated at March 26, 2024, 6:38 a.m.

Python

28 +0

192 +0

50 +0

GitHub
cuckoo-modified by spender-sandbox

Modified edition of cuckoo

updated at March 26, 2024, 7:39 p.m.

Python

72 +0

388 +0

178 +0

GitHub
scot by sandialabs

Sandia Cyber Omni Tracker (SCOT)

updated at March 31, 2024, 6:13 a.m.

JavaScript

38 +0

242 +0

48 +0

GitHub
evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

updated at April 4, 2024, 10:44 p.m.

JavaScript

38 +0

259 +0

42 +0

GitHub
artifacts-kb by ForensicArtifacts

Digital Forensics Artifacts Knowledge Base

updated at April 5, 2024, 10:45 p.m.

Python

8 +0

69 +0

15 +0

GitHub
winreg-kb by libyal

Windows Registry Knowledge Base

updated at April 9, 2024, 6:50 a.m.

Python

16 +0

151 +0

20 +0

GitHub
VolatilityBot by mkorman90

VolatilityBot – An automated memory analyzer for malware samples and memory dumps

updated at April 9, 2024, 9:41 p.m.

Python

27 +0

259 +0

59 +0

GitHub
spyre by spyre-project

simple YARA-based IOC scanner

updated at April 11, 2024, 10:31 a.m.

Go

12 +0

159 +0

27 +0

GitHub
mutablesecurity by MutableSecurity

CLI program for automating the setup, configuration, and use of cybersecurity solutions

updated at April 12, 2024, 10:36 p.m.

Python

1 +0

41 +0

6 +0

GitHub
Invoke-LiveResponse by mgreen27

Invoke-LiveResponse

updated at April 16, 2024, 12:32 a.m.

PowerShell

13 +0

144 +0

29 +0

GitHub
SysmonSearch by JPCERTCC

Investigate suspicious activity by visualizing Sysmon's event log

updated at April 18, 2024, 9:47 a.m.

JavaScript

44 +0

409 +0

58 +0

GitHub
Fastir_Collector by SekoiaLab

None

updated at April 23, 2024, 6:22 a.m.

Python

63 +0

502 +0

128 +0

GitHub
incident-response-docs by PagerDuty

PagerDuty's Incident Response Documentation.

updated at April 24, 2024, 3:02 p.m.

Dockerfile

68 +0

1,009 +0

222 +0

GitHub
bitscout by vitaly-kamluk

Remote forensics meta tool

updated at April 24, 2024, 5:26 p.m.

Shell

49 +0

437 +0

105 +0

GitHub
Hoarder by muteb

This script is made to collect the most valuable artifacts for forensics or incident response investigation rather than imaging the whole hard drive.

updated at April 25, 2024, 5:48 p.m.

Python

10 +0

187 +0

18 +0

GitHub
stenographer by google

Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com

updated at April 25, 2024, 6:46 p.m.

Go

104 +0

1,788 +0

232 +1

GitHub
threat_note by DefensePointSecurity

DPS' Lightweight Investigation Notebook

updated at April 27, 2024, 8:49 a.m.

HTML

57 +0

420 +0

97 +0

GitHub
nightHawkResponse by biggiesmallsAG

Incident Response Forensic Framework

updated at April 27, 2024, 8:49 a.m.

Go

82 +0

596 +0

139 +0

GitHub
margaritashotgun by ThreatResponse

Remote Memory Acquisition Tool

updated at April 27, 2024, 8:50 a.m.

Python

17 +0

235 +0

50 +0

GitHub
ir-rescue by diogo-fernan

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

updated at April 27, 2024, 8:50 a.m.

Batchfile

45 +0

447 +0

93 +0

GitHub