200 Open source projects that are alternatives of or similar to Tr1pd

An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS

Awesome Forensics Resources. Almost 300 open source forensics tools, and 600 blog posts about forensics.

Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.

psad: Intrusion Detection and Log Analysis with iptables

A list of free and open forensics analysis tools and other resources

Anomaly Detection on Dynamic (time-evolving) Graphs in Real-time and Streaming manner. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies.

System Management RAM analysis tool

A tool for forensic file system reconstruction.

Useful tools for CTF competitions

OSINT Swiss Army Knife

Android process memory dump tool without ndk.

Free Security and Hacking eBooks

SQBrite is a data recovery tool for SQLite databases

Tracking history of USB events on GNU/Linux

Volatility Explorer Suit

Wipe files and drives securely with randoms ASCII dicks

PowerShell module for Office 365 and Azure log collection

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

U-Net for fingerprint denoising

BSM based intrusion detection system

Python 3 Script to parse out iTunes backups

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.

A HIDS (host-based intrusion detection system) for verifying the integrity of a system.

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Recover files from damaged BTRFS filesystems

RAIR: RAdare In Rust

Set of Yara rules for finding files using magics headers

Wazuh - Chef cookbooks

Network Intrusion Detection System using Deep Learning Techniques

Illuminant inconsistencies for image splicing detection in forensics

#ThreatHunting #DFIR #Malware #Detection Mind Maps

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Carve file metadata from NTFS index ($I30) attributes

Detect and warn about suspicious IPs logging into Nextcloud

By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.

An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk

Solutions to kdd99 dataset with Decision tree and Neural network by scikit-learn

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Volatility plugin for extracts configuration data of known malware

Tool to sort large collections of files according to common typologies

Simple Implementation of Network Intrusion Detection System. KddCup'99 Data set is used for this project. kdd_cup_10_percent is used for training test. correct set is used for test. PCA is used for dimension reduction. SVM and KNN supervised algorithms are the classification algorithms of project. Accuracy : %83.5 For SVM , %80 For KNN

Forensics triage tool relying on Volatility and Foremost

Daemon to ban hosts that cause multiple authentication errors

An Incident Response tool to extract console command history and screen output buffer

macOS triage is a python script to collect various macOS logs, artifacts, and other data.

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Recover files using lists of blocks hashes, bypassing the File System entirely

Docker image for hacking

The scalable, auditable and high-performance tamper-evident log project

A single file container/archive that can be reconstructed even after total loss of file system structures

Wazuh - Puppet module

Powerful checksum generator!

Alcide Kubernetes Audit Log Analyzer - Alcide kAudit

Educational, CTF-styled labs for individuals interested in Memory Forensics

Automation and Scaling of Digital Forensics Tools

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

incident response scripts