204 Open source projects that are alternatives of or similar to hashlookup-forensic-analyser

A curated list of awesome forensic analysis tools and resources

Enhanced version of dd for forensics and security

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

Automate the creation of a lab environment complete with security tooling and logging best practices

A list of free and open forensics analysis tools and other resources

Live system forensic collector

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

No description or website provided.

Virustotal Data to Timesketch

The Python implementation of the AFF4 standard.

Analyze and help extract older "hidden" versions of a pdf from the current pdf.

A Bloom Filter implementation in Clojure

A script to assist in processing forensic RAM captures for malware triage

Trace ScriptBlock execution for powershell v2

Incident Response - Fast suspicious file finder

Provides various Windows Server Active Directory (AD) security-focused reports.

ganon classifies short DNA sequences against large sets of genomic sequences efficiently, with download and update of references (RefSeq/Genbank), taxonomic (NCBI/GTDB) and hierarchical classification, customized reporting and more

Python 3 Script to parse out iTunes backups

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

Fast hash function for DNA sequences

incident response scripts

Xor filters - efficient probabilistic hashsets. Faster and smaller than bloom and cuckoo filters.

Recover files from damaged BTRFS filesystems

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

System Management RAM analysis tool

Analyst Unknown Cyber Range - a micro web service framework

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

Simplistic (but fast) java implementation of a bloom filter.

🦀 Bloom filter implementation in Rust 🦀

Truehunter

Parses Windows event logs files based on SANS Poster

Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes

PowerShell module for Office 365 and Azure log collection

A sort of a toolkit to decrypt Dropbox Windows DBX files

Docker configurations for TheHive, Cortex and 3rd party tools

Dumps all of the Key/Value pairs from a LevelDB database

Incident Response Scripts

Bloom filters for Java

Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.

Edited version of Lee Christensen's Get-NetworkConnection which includes timestamp for each network connection

Tools for inspecting disk images

Rootkit Detector for UNIX

Fast Python Bloom Filter using Mmap

Validates yara rules and tries to repair the broken ones.

Probabilistic data structures in Pharo Smalltalk.

🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

Bloom filter implementation in Crystal lang

Leaked password check library with bloom filter

Probabilistic data structures for Guava.

A Splunk Technology Add-on to forward filtered ETW events.

🗜 A bloom filter implementation in Ruby and Javascript that is serialisable to JSON and compatible between both languages.

An in-memory bloom filter with persistence and HTTP interface

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Minimalistic DNS logging tool

Python tool and library to help analyze files during malware triage and analysis.

Carve file metadata from NTFS index ($I30) attributes

Privacy-preserving Firefox extension linking to Hacker News discussion; built with Bloom filters and WebAssembly

A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

High-speed Bloom filters and taffy filters for C, C++, and Java