687 Open source projects that are alternatives of or similar to Pypowershellxray

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

Invoke-LiveResponse

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Live system forensic collector

incident response scripts

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

Trace ScriptBlock execution for powershell v2

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Carve file metadata from NTFS index ($I30) attributes

#ThreatHunting #DFIR #Malware #Detection Mind Maps

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

Advanced and easy to use penetration testing framework 💣🔎

System Management RAM analysis tool

Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes

Truehunter

Extract BITS jobs from QMGR queue and store them as CSV records

Recon Hunt Queries

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

macOS Artifact Parsing Tool

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Automation and Scaling of Digital Forensics Tools

Digital Forensics Investigation Platform

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Open source incident management and response platform.

Web browser forensics for Google Chrome/Chromium

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)

Dumps all of the Key/Value pairs from a LevelDB database

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Incident Response - Fast suspicious file finder

Parses Windows event logs files based on SANS Poster

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Documentation of TheHive

A tool for forensic file system reconstruction.

Extract and aggregate threat intelligence.

A curated list of tools for incident response

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

Imago is a python tool that extract digital evidences from images.

Python API Client for Cortex

Educational, CTF-styled labs for individuals interested in Memory Forensics

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Alcide Kubernetes Audit Log Analyzer - Alcide kAudit

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Automagically extract forensic timeline from volatile memory dump

PS / Bash / Python / Other scripts For FUN!

An OSINT Metadata analyzing tool that filters through tags and creates reports

Explore Indicators of Compromise Automatically

Cortex: a Powerful Observable Analysis and Active Response Engine

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

Event Trace Log file parser in pure Python

A repository of sysmon configuration modules

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Awesome hacking is an awesome collection of hacking tools.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Collaborative forensic timeline analysis