144 Open source projects that are alternatives of or similar to artifactcollector

Cortex Analyzers Repository

CIRCL system forensic tools or a jumble of tools to support forensic

Carve file metadata from NTFS index ($I30) attributes

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Cortex: a Powerful Observable Analysis and Active Response Engine

Documentation of TheHive

Python API Client for TheHive

📇 Digital Forensics Artifact Repository (forensicanalysis edition)

DFIRTrack - The Incident Response Tracking Application

Digital Forensics Investigation Platform

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Everything related to Linux Forensics

A curated list of awesome forensic analysis tools and resources

Educational, CTF-styled labs for individuals interested in Memory Forensics

Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

You didn't think I'd go and leave the blue team out, right?

Parses Windows event logs files based on SANS Poster

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

An Incident Response tool to extract console command history and screen output buffer

System Management RAM analysis tool

PowerShell module for Office 365 and Azure log collection

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

Deploy and maintain Symon through the Splunk Deployment Sever

Provides various Windows Server Active Directory (AD) security-focused reports.

Telegram cache4.db parser

Information Security Library

Virustotal Data to Timesketch

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Validates yara rules and tries to repair the broken ones.

ThePhish: an automated phishing email analysis tool

Trace ScriptBlock execution for powershell v2

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

The Python implementation of the AFF4 standard.

Documentation for Zeek

Docker configurations for TheHive, Cortex and 3rd party tools

This is a python tool aiming to make using TheHive webhooks easier.

Python tool and library to help analyze files during malware triage and analysis.

Python 3 Script to parse out iTunes backups

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

Live system forensic collector

A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

A script to assist in processing forensic RAM captures for malware triage

Dumps all of the Key/Value pairs from a LevelDB database

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

Timeline of Active Directory changes with replication metadata

Cybersecurity Career Path

Automate the creation of a lab environment complete with security tooling and logging best practices

DDTTX Tabletop Trainings

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

🔮 Visibility Across Space and Time

Analyst Unknown Cyber Range - a micro web service framework

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

A knowledge base of actionable Incident Response techniques

A list of free and open forensics analysis tools and other resources

Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)

A Splunk Technology Add-on to forward filtered ETW events.

Query and report user logons relations from MS Windows Security Events