cyberstarsgithub

cyberstars / purpose / forensics

Outils pour forensics

Incident response and evidence collection.

88 tools indexed

Wireshark

—

Network protocol analyzer.

InterceptAnalyzeNetworksWireless

CGPL-2.0

YARA

—

Pattern matching for malware research.

AnalyzeMonitorBinariesEndpoints

CBSD-3-Clause

YARA Rules

—

Community YARA rule repository.

MonitorAnalyzeBinariesEndpoints

YARAGPL-2.0

Yeti

—

Open-source threat-intel platform.

AutomateAnalyzeNetworksEndpoints

PythonApache-2.0

Zeek

—

Network analysis framework.

MonitorAnalyzeNetworks

C++BSD-3-Clause

al-khaser

—

Malware analysis evasion test suite.

AnalyzeBinaries

C++GPL-3.0

bulk_extractor

—

High-speed forensic feature extractor.

AnalyzeEndpointsBinaries

C++MIT

capa

—

Identify executable capabilities.

AnalyzeBinaries

PythonApache-2.0

dnSpy

—

.NET assembly debugger and editor.

AnalyzeBinaries

C#GPL-3.0

eCapture

—

Capture SSL/TLS plaintext with eBPF.

InterceptAnalyzeNetworksEndpoints

CApache-2.0

flare-emu

—

IDA Pro emulation scripting framework.

AnalyzeBinaries

PythonApache-2.0

fq

—

jq for binary formats.

AnalyzeBinariesNetworks

GoMIT

osquery

—

SQL-powered endpoint visibility.

MonitorAnalyzeEndpoints

C++Apache-2.0

pypykatz

—

Mimikatz in pure Python.

AnalyzeCrackActive DirectoryEndpoints

PythonMIT

tcpdump

—

Command-line packet capture.

InterceptAnalyzeNetworks

CBSD-3-Clause

tcpflow

—

TCP/IP stream demultiplexer.

InterceptAnalyzeNetworks

C++GPL-3.0