All Categories → Operations → dfir

Top 127 dfir open source projects

Documentation for Zeek

✭ 41

Zeek python HTML security pcap dfir bro network-monitoring nsm zeek

TA-Sysmon-deploy

Deploy and maintain Symon through the Splunk Deployment Sever

✭ 31

Batchfile splunk dfir sysmon threat-hunting splunk-deployment

This is a python tool aiming to make using TheHive webhooks easier.

✭ 22

python shell dfir thehive

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

✭ 23

python incident-response dfir yara yara-scanner

Live system forensic collector

✭ 16

go Makefile incident-response forensics dfir forensics-investigations incident-response-tooling edr-toolsets

EventTranscript.db-Research

A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

✭ 33

dfir windows10 research-and-development kape digitalforensics windows11 eztools

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

✭ 45

incident-response forensics dfir threat-intelligence digger velociraptor cybercx

121-127 of 127 dfir projects