dfir
Here are 552 public repositories matching this topic...
harness the power of Splunk for your investigations
Updated May 16, 2024 - Shell

IntelOwl: manage your Threat Intelligence at scale
Updated May 16, 2024 - Python

CLI tools for forensic investigation of Windows artifacts
Updated May 16, 2024 - Rust

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Updated May 16, 2024 - Rust

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
Updated May 16, 2024 - Python

Sigma detection rules for hunting with the threathunting-keywords project
Updated May 16, 2024 - Python

yara detection rules for hunting with the threathunting-keywords project
Updated May 16, 2024 - YARA

Awesome list of keywords and artifacts for Threat Hunting sessions
Updated May 16, 2024 - HTML

A curated list of tools for incident response. With repository stars⭐ and forks🍴
Updated May 16, 2024

Forensic Artifacts Collecting Toolkit.
Updated May 16, 2024 - Go

PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.
Updated May 15, 2024 - PowerShell

Extracted Yara rules from Windows Defender mpavbase and mpasbase
Updated May 15, 2024 - YARA

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Updated May 15, 2024 - XSLT

Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
Updated May 15, 2024 - Python

Mantis is a forensics tool in Go leveraging utilities from Sysinternals and Nirsoft for system analysis and investigation. Automates systems logs retrieval, network connections, process activity analysis, autoruns configurations and more.
Updated May 15, 2024 - Go

YARA signature and IOC database for my scanners and tools
Updated May 15, 2024 - YARA