AndrewRathbun / DFIRArtifactMuseumLinks
The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifact validation processes as well as increase access to artifacts that may no longer be readily available anymore.
☆637Updated last month
Alternatives and similar repositories for DFIRArtifactMuseum
Users that are interested in DFIRArtifactMuseum are comparing it to the libraries listed below
Sorting:
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆637Updated last year
- A repository of DFIR-related Mind Maps geared towards the visual learners!☆543Updated 3 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆403Updated last month
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆291Updated last week
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆605Updated 3 weeks ago
- ☆513Updated last year
- This repository serves as a place for community created Targets and Modules for use with KAPE.☆801Updated this week
- Documentation and scripts to properly enable Windows event logs.☆650Updated 2 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆199Updated last year
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆766Updated 8 months ago
- The Volatility Collaborative GUI☆263Updated this week
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆342Updated 3 weeks ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆184Updated 2 months ago
- Rules generated from our investigations.☆203Updated 6 months ago
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportu…☆217Updated this week
- Repository of attack and defensive information for Business Email Compromise investigations☆271Updated 7 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆624Updated 4 months ago
- CyLR - Live Response Collection Tool☆703Updated 3 years ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆276Updated 9 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆955Updated 2 years ago
- Harness the power of Splunk for your investigations☆145Updated 2 months ago
- Get all my software☆180Updated 6 months ago
- A python script developed to process Windows memory images based on triage type.☆265Updated 2 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆799Updated 2 months ago
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆216Updated 2 months ago
- Map tracking ransomware, by OCD World Watch team☆481Updated 9 months ago
- Indexes for SANS Courses and GIAC Certifications☆275Updated last year
- Cyber Incident Response Team Playbook Battle Cards☆425Updated last year
- This repository contains Community and Field contributed content for LogScale☆306Updated 3 weeks ago
- Sigma rule specification☆163Updated 2 weeks ago