unix_collector is a live response collection script for Incident Response on UNIX-like systems using native binaries.
Updated Jun 12, 2024 - Shell
A curated list of tools for incident response. With repository stars⭐ and forks🍴
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration day to day tasks 😉
Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
This tool is designed to support the investigation of Unified Audit Logs. The tool processes the logs, enriches IP addresses, offers filtering and provides visualizations.
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
A cross platform forensic parser written in Rust!
Your Everyday Threat Intelligence
YARA signature and IOC database for my scanners and tools
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Convert Kape Files to DFIR-ORC configurations
Harness the power of Splunk for your investigations
yara detection rules for hunting with the threathunting-keywords project
Forensic Artifacts Collecting Toolkit