GitHub - mandiant/capa: The FLARE team's open-source tool to identify capabilities in executable files.
Book 4
Sigcheck - Sysinternals
Bergen_collaborative-timeline-analysis-in-large-incidents-sans-timeline-analysis-in-large.pdf
Timeline Explorer - AboutDFIR - The Definitive Compendium Project
Timeline Explorer is a free, feature-rich Excel replacement that’s catered specifically for digital forensic examinations. There are a handful of quality of life features over Excel that are worth […]
Timesketch
GitHub - daveherrald/SA_plaso-app-for-splunk
Using Splunk for Computer Forensics
GitHub - google/timesketch: Collaborative forensic timeline analysis
l2t-tools/yara_match.py at master · kiddinn/l2t-tools
Automatically exported from code.google.com/p/l2t-tools
Latest
GitHub - SigmaHQ/sigma: Generic Signature Format for SIEM Systems
GitHub - orlikoski/Skadi: Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
GitHub - ctxis/CAPE: Malware Configuration And Payload Extraction
Google Custom Search - Malware Analysis Search
plaso - home of the super timeline
PEStudio