SPECTR3 by alpine-sec

Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol.

updated at May 10, 2024, 9:09 a.m.

C#

4 +0

36 +3

3 +0

GitHub
awesome-event-ids by stuhli

Collection of Event ID resources useful for Digital Forensics and Incident Response

updated at May 10, 2024, 10:42 a.m.

Unknown languages

24 +0

540 +1

83 +0

GitHub
dissect by fox-it

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).

updated at May 10, 2024, 10:46 a.m.

Unknown languages

18 +0

859 +1

59 +0

GitHub
IRM by certsocietegenerale

Incident Response Methodologies 2022

updated at May 10, 2024, 10:47 a.m.

Unknown languages

42 +0

882 +3

136 +1

GitHub
SOC-Multitool by zdhenard42

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

updated at May 10, 2024, 10:48 a.m.

JavaScript

10 +0

310 +1

41 +0

GitHub
stringsifter by mandiant

A machine learning tool that ranks strings based on their relevance for malware analysis.

updated at May 10, 2024, 1:23 p.m.

Python

30 +0

648 +2

123 +0

GitHub
avml by Microsoft

AVML - Acquire Volatile Memory for Linux

updated at May 10, 2024, 2:28 p.m.

Rust

32 +0

812 +4

75 +0

GitHub
matano by matanolabs

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

updated at May 10, 2024, 3:45 p.m.

Rust

20 +0

1,359 +2

89 +2

GitHub
gsvsoc_cirt-playbook-battle-cards by guardsight

Cyber Incident Response Team Playbook Battle Cards

updated at May 10, 2024, 4:25 p.m.

Unknown languages

17 +0

337 +3

59 +1

GitHub
RTA by endgameinc

updated at May 11, 2024, 1:09 a.m.

Python

98 +0

1,035 +1

213 +0

GitHub
iris-web by dfir-iris

Collaborative Incident Response platform

updated at May 11, 2024, 1:19 a.m.

JavaScript

26 +0

942 +3

142 +1

GitHub
grr by google

GRR Rapid Response: remote live forensics for incident response

updated at May 11, 2024, 3:25 a.m.

Python

316 +0

4,656 +2

760 +1

GitHub
LogonTracer by JPCERTCC

Investigate malicious Windows logon by visualizing and analyzing Windows event log

updated at May 11, 2024, 5:23 a.m.

Python

136 +0

2,633 +3

441 +1

GitHub
orochi by LDO-CERT

The Volatility Collaborative GUI

updated at May 11, 2024, 5:48 a.m.

JavaScript

12 +0

201 +11

19 +2

GitHub
flightsim by alphasoc

A utility to safely generate malicious network traffic patterns and evaluate controls.

updated at May 11, 2024, 6:19 a.m.

Go

35 +0

1,188 +2

128 +0

GitHub
HELK by Cyb3rWard0g

The Hunting ELK

updated at May 11, 2024, 6:28 a.m.

Jupyter Notebook

216 +0

3,702 +3

673 +1

GitHub
mac_apt by ydkhatri

macOS (& iOS) Artifact Parsing Tool

updated at May 11, 2024, 9:42 a.m.

Python

44 +0

719 +1

99 +0

GitHub
Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

updated at May 11, 2024, 3:58 p.m.

Python

187 +0

3,251 +3

575 +1

GitHub
Fenrir by Neo23x0

Simple Bash IOC Scanner

updated at May 11, 2024, 4:07 p.m.

Shell

39 +0

662 +2

103 +0

GitHub
RedHunt-OS by redhuntlabs

Virtual Machine for Adversary Emulation and Threat Hunting

updated at May 11, 2024, 5:25 p.m.

Unknown languages

85 +0

1,199 +3

183 +1

GitHub