243 Open source projects that are alternatives of or similar to bits_parser

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

incident response scripts

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Python script to decode common encoded PowerShell scripts

Live system forensic collector

#ThreatHunting #DFIR #Malware #Detection Mind Maps

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Trace ScriptBlock execution for powershell v2

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

Invoke-LiveResponse

Carve file metadata from NTFS index ($I30) attributes

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

This repository is a curated list of pro bono incident response entities.

Truehunter

A Lambda-powered Security Orchestration framework for AWS GuardDuty

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Rootkit Detector for UNIX

Cyber-investigation Analysis Standard Expression (CASE) Ontology

Android process memory dump tool without ndk.

Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)

Very basic CLI SIEM (Security Information and Event Management system).

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

Volatility Explorer Suit

Cyber Incident Response Team Playbook Battle Cards

Wazuh - Puppet module

System Management RAM analysis tool

Jenkins plug-in that mines and analyzes data from a Git repository

Useful tools for CTF competitions

Incident Response - Fast suspicious file finder

No description or website provided.

This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

Simple Live Data Collection Tool

RAIR: RAdare In Rust

A boot record parser that identifies known good signatures for MBR, VBR and IPL.

The Python implementation of the AFF4 standard.

Parses Windows event logs files based on SANS Poster

SQBrite is a data recovery tool for SQLite databases

Salt States for Configuring the SIFT Workstation

A parser for Unified logging tracev3 files

Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

PowerShell module for Office 365 and Azure log collection

A concise, directive, specific, flexible, and free incident response plan template

Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"

U-Net for fingerprint denoising

macOS triage is a python script to collect various macOS logs, artifacts, and other data.

[180+ scripts] There are a few genuine gems in there. And a lot of spaghetti code. Most of these scripts were for solving CTF's. If you googles something for a CTF and landed here look at the scripts they're all fairly malleable. Sorry for the shitty naming conventions (not really). If you are a recruiter stop. I wont be able to rewrite half thi…

Incident Response collection and processing scripts with automated reporting scripts

Docker configurations for TheHive, Cortex and 3rd party tools

Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.

Provides various Windows Server Active Directory (AD) security-focused reports.

Python 3 Script to parse out iTunes backups

Enhanced version of dd for forensics and security

Docker image for hacking

Dumps all of the Key/Value pairs from a LevelDB database

This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, directly with VirtualBox, forensically proof.

Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.