787 Open source projects that are alternatives of or similar to Turbinia

Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

PacBot (Policy as Code Bot)

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

PowerShell module for Office 365 and Azure log collection

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Everything related to Linux Forensics

Python script to decode common encoded PowerShell scripts

Minimalistic DNS logging tool

Python 3 Script to parse out iTunes backups

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

A tool for forensic file system reconstruction.

A command-line tool to get valuable information out of AWS CloudTrail

System Management RAM analysis tool

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

Event Trace Log file parser in pure Python

Invoke-LiveResponse

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Timeline of Active Directory changes with replication metadata

Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

Carve file metadata from NTFS index ($I30) attributes

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Dumps all of the Key/Value pairs from a LevelDB database

incident response scripts

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

An Incident Response tool to extract console command history and screen output buffer

VirusTotal Wanna Be - Now with 100% more Hipster

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Provides various Windows Server Active Directory (AD) security-focused reports.

Truehunter

Query and report user logons relations from MS Windows Security Events

Automagically extract forensic timeline from volatile memory dump

Educational, CTF-styled labs for individuals interested in Memory Forensics

Collaborative forensic timeline analysis

Web browser forensics for Google Chrome/Chromium

Live system forensic collector

Trace ScriptBlock execution for powershell v2

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

macOS Artifact Parsing Tool

A Linux packet crafting tool.

An HPC workload manager and job scheduler for desktops, clusters, and clouds.

Apache Ignite

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Official code repo for the O'Reilly Book - Practical Deep Learning for Cloud, Mobile & Edge

Shuffle: A general purpose security automation platform platform. We focus on accessibility for all.

Terratag is a CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, and GCP resources

a tool to analyze filesystem images for security

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.

JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures.

Cloudinary NPM for node.js integration

Show the weather effects onto view written in Swift4.2

Ansible playbook roles for security

更好的小程序项目架构

An Open Source Control Panel for your Cloud! Deploy and manage LEMP apps in one click!

Alibaba Cloud SDK for PHP

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.