opensourcesec / Cirtkit

Licence: mit
Tools for the Computer Incident Response Team 💻

Programming Languages

python
139335 projects - #7 most used programming language

Projects that are alternatives of or similar to Cirtkit

yara-rules
Yara rules written by me, for free use.
Stars: ✭ 13 (-88.89%)
Mutual labels:  dfir, malware-analysis
pftriage
Python tool and library to help analyze files during malware triage and analysis.
Stars: ✭ 77 (-34.19%)
Mutual labels:  dfir, malware-analysis
Malcom
Malcom - Malware Communications Analyzer
Stars: ✭ 988 (+744.44%)
Mutual labels:  dfir, malware-analysis
calamity
A script to assist in processing forensic RAM captures for malware triage
Stars: ✭ 24 (-79.49%)
Mutual labels:  dfir, malware-analysis
Malice
VirusTotal Wanna Be - Now with 100% more Hipster
Stars: ✭ 1,253 (+970.94%)
Mutual labels:  dfir, malware-analysis
Vm setup
A collection of scripts to initialize a Windows VM to run all the malware!
Stars: ✭ 101 (-13.68%)
Mutual labels:  malware-analysis
Analyzer
🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-7.69%)
Mutual labels:  malware-analysis
Fundamentos Engenharia Reversa
Book: Fundamentos de Engenharia Reversa
Stars: ✭ 93 (-20.51%)
Mutual labels:  malware-analysis
Florentino
Fast Static File Analysis Framework
Stars: ✭ 92 (-21.37%)
Mutual labels:  malware-analysis
Sojobo
A binary analysis framework
Stars: ✭ 116 (-0.85%)
Mutual labels:  malware-analysis
Capa
The FLARE team's open-source tool to identify capabilities in executable files.
Stars: ✭ 1,981 (+1593.16%)
Mutual labels:  malware-analysis
Kiewtai
A port of Kaitai to the Hiew hex editor
Stars: ✭ 108 (-7.69%)
Mutual labels:  dfir
Macholibre
Mach-O & Universal Binary Parser
Stars: ✭ 102 (-12.82%)
Mutual labels:  malware-analysis
Pe Sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Stars: ✭ 1,783 (+1423.93%)
Mutual labels:  malware-analysis
Fileintel
A modular Python application to pull intelligence about malicious files
Stars: ✭ 97 (-17.09%)
Mutual labels:  malware-analysis
Oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
Stars: ✭ 1,848 (+1479.49%)
Mutual labels:  malware-analysis
Threathunt
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-21.37%)
Mutual labels:  dfir
Gda Android Reversing Tool
GDA is a new fast and powerful decompiler in C++ (working without a Java VM) for APK, DEX, ODEX, OAT, JAR, AAR, and CLASS files, which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+1893.16%)
Mutual labels:  malware-analysis
Lolbas
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+1187.18%)
Mutual labels:  dfir
Awesome Forensics
A curated list of awesome forensic analysis tools and resources
Stars: ✭ 1,775 (+1417.09%)
Mutual labels:  dfir

CIRTKit

One DFIR console to rule them all. Built on top of the Viper Framework


Documentation

  • Please see the wiki for more information about CIRTKit and documentation

Roadmap

Future integrations

  • Bit9
  • Palo Alto Networks
  • EnCase/FTK

Future modules

  • Packet Analysis (possibly Dshell)
  • Javascript Unpacking/Deobfuscation
  • Volatility Memory Analysis Framework
  • Hex Viewer/Editor

Scripting Framework

  • Automation is key. Scripting is key to DFIR, and thus needs to be available in CIRTKit