TheBriarPatchAn extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS
Stars: ✭ 21 (+61.54%)
Awesome ForensicsAwesome Forensics Resources. Almost 300 open source forensics tools, and 600 blog posts about forensics.
Stars: ✭ 446 (+3330.77%)
robot hacking manualRobot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.
Stars: ✭ 169 (+1200%)
Psadpsad: Intrusion Detection and Log Analysis with iptables
Stars: ✭ 298 (+2192.31%)
ForensicsToolsA list of free and open forensics analysis tools and other resources
Stars: ✭ 392 (+2915.38%)
MidasAnomaly Detection on Dynamic (time-evolving) Graphs in Real-time and Streaming manner. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies.
Stars: ✭ 591 (+4446.15%)
smram parseSystem Management RAM analysis tool
Stars: ✭ 50 (+284.62%)
RecuperabitA tool for forensic file system reconstruction.
Stars: ✭ 280 (+2053.85%)
toolsetUseful tools for CTF competitions
Stars: ✭ 31 (+138.46%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+2984.62%)
dumproidAndroid process memory dump tool without ndk.
Stars: ✭ 55 (+323.08%)
sqbriteSQBrite is a data recovery tool for SQLite databases
Stars: ✭ 27 (+107.69%)
UsbripTracking history of USB events on GNU/Linux
Stars: ✭ 903 (+6846.15%)
Vol3xpVolatility Explorer Suit
Stars: ✭ 31 (+138.46%)
wipedicksWipe files and drives securely with randoms ASCII dicks
Stars: ✭ 94 (+623.08%)
DFIR-O365RCPowerShell module for Office 365 and Azure log collection
Stars: ✭ 158 (+1115.38%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+31915.38%)
bsmtraceBSM based intrusion detection system
Stars: ✭ 31 (+138.46%)
DiffyDiffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Stars: ✭ 555 (+4169.23%)
ingest-fileIngestors extract the contents of mixed unstructured documents into structured (followthemoney) data.
Stars: ✭ 40 (+207.69%)
pyHIDSA HIDS (host-based intrusion detection system) for verifying the integrity of a system.
Stars: ✭ 31 (+138.46%)
uacUAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
Stars: ✭ 260 (+1900%)
Swap digger swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
Stars: ✭ 354 (+2623.08%)
btrfscueRecover files from damaged BTRFS filesystems
Stars: ✭ 28 (+115.38%)
rair-coreRAIR: RAdare In Rust
Stars: ✭ 63 (+384.62%)
yara-forensicsSet of Yara rules for finding files using magics headers
Stars: ✭ 115 (+784.62%)
Wazuh ChefWazuh - Chef cookbooks
Stars: ✭ 9 (-30.77%)
DeepLearning-IDSNetwork Intrusion Detection System using Deep Learning Techniques
Stars: ✭ 76 (+484.62%)
ImageSplicingDetectionIlluminant inconsistencies for image splicing detection in forensics
Stars: ✭ 36 (+176.92%)
MindMaps#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+1623.08%)
Ossec HidsOSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Stars: ✭ 3,580 (+27438.46%)
INDXRipperCarve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (+146.15%)
suspicious loginDetect and warn about suspicious IPs logging into Nextcloud
Stars: ✭ 45 (+246.15%)
Agentsmith HidsBy Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.
Stars: ✭ 513 (+3846.15%)
vagrant-idsAn Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
Stars: ✭ 21 (+61.54%)
kdd99-scikitSolutions to kdd99 dataset with Decision tree and Neural network by scikit-learn
Stars: ✭ 50 (+284.62%)
hayabusaHayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+6884.62%)
MalconfscanVolatility plugin for extracts configuration data of known malware
Stars: ✭ 327 (+2415.38%)
harvestTool to sort large collections of files according to common typologies
Stars: ✭ 32 (+146.15%)
NIDS-Intrusion-DetectionSimple Implementation of Network Intrusion Detection System. KddCup'99 Data set is used for this project. kdd_cup_10_percent is used for training test. correct set is used for test. PCA is used for dimension reduction. SVM and KNN supervised algorithms are the classification algorithms of project. Accuracy : %83.5 For SVM , %80 For KNN
Stars: ✭ 45 (+246.15%)
AppmemDumperForensics triage tool relying on Volatility and Foremost
Stars: ✭ 22 (+69.23%)
Fail2banDaemon to ban hosts that cause multiple authentication errors
Stars: ✭ 6,677 (+51261.54%)
GetConsoleHistoryAndOutputAn Incident Response tool to extract console command history and screen output buffer
Stars: ✭ 41 (+215.38%)
macOS-triagemacOS triage is a python script to collect various macOS logs, artifacts, and other data.
Stars: ✭ 20 (+53.85%)
RdpCacheStitcherRdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Stars: ✭ 176 (+1253.85%)
BlockHashLocRecover files using lists of blocks hashes, bypassing the File System entirely
Stars: ✭ 45 (+246.15%)
mini-kaliDocker image for hacking
Stars: ✭ 15 (+15.38%)
qedThe scalable, auditable and high-performance tamper-evident log project
Stars: ✭ 87 (+569.23%)
SeqboxA single file container/archive that can be reconstructed even after total loss of file system structures
Stars: ✭ 480 (+3592.31%)
GensumPowerful checksum generator!
Stars: ✭ 12 (-7.69%)
KauditAlcide Kubernetes Audit Log Analyzer - Alcide kAudit
Stars: ✭ 23 (+76.92%)
MemlabsEducational, CTF-styled labs for individuals interested in Memory Forensics
Stars: ✭ 696 (+5253.85%)
TurbiniaAutomation and Scaling of Digital Forensics Tools
Stars: ✭ 461 (+3446.15%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+34984.62%)
ir scriptsincident response scripts
Stars: ✭ 17 (+30.77%)