Here are 200 public repositories matching this topic...
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes. (Python; updated May 24, 2024)
Your Everyday Threat Intelligence (Python; updated May 24, 2024)
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules. (Python; updated May 24, 2024)
(Sometimes partial) Python re-implementations of the technologies involved in reading various data sources in Chrome-esque applications. (Python; updated May 23, 2024)
Collaborative forensic timeline analysis (Python; updated May 23, 2024)
IntelOwl: manage your Threat Intelligence at scale (Python; updated May 23, 2024)
Cryptocurrency Triage Tool - Identify multiple cryptocurrency addresses and transactions from various wallet applications! (Python; updated May 22, 2024)
Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. (Python; updated May 21, 2024)
Dissect triage script for Citrix NetScaler devices (Python; updated May 21, 2024)
Automation and Scaling of Digital Forensics Tools (Python; updated May 21, 2024)
A collection of resources for Threat Hunters - Sponsored by Falcon Guard (Python; updated May 21, 2024)
This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools. (Python; updated May 21, 2024)
Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. (Python; updated May 19, 2024)
Graphical interface for the forensic logical acquisition of Mac computers (Python; updated May 23, 2024)
Python API Client for TheHive (Python; updated May 17, 2024)
Sigma detection rules for hunting with the threathunting-keywords project (Python; updated May 16, 2024)
Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. (Python; updated May 15, 2024)
Collection of acquisition scripts for collecting digital forensic artefacts (Python; updated May 14, 2024)
macOS (& iOS) Artifact Parsing Tool (Python; updated May 11, 2024)
Warning lists to inform users of MISP about potential false-positives or other information in indicators (Python; updated May 24, 2024)