This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team
☆20Oct 9, 2024Updated last year
Alternatives and similar repositories for IR-Cheatsheets
Users that are interested in IR-Cheatsheets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆12Mar 28, 2026Updated 2 months ago
- Passivedns monitor implementation in Rust.☆12Apr 21, 2016Updated 10 years ago
- The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…☆36Nov 13, 2025Updated 6 months ago
- This Repository gives the best and possible strategies against hunting the ransomware☆26Aug 23, 2022Updated 3 years ago
- Threat Hunt Investigation Methodology and Procedure☆15Jul 11, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Essential playbooks & runbooks for cybersecurity operations. A dynamic resource for security pros to navigate digital threats, with best …☆19May 12, 2026Updated 2 weeks ago
- A summary of the most abbreviations I encountered so far☆29May 18, 2026Updated last week
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once?☆63Jul 7, 2025Updated 10 months ago
- KQL Sentinel and Defender Detection and Hunting Queries.☆16Feb 24, 2026Updated 3 months ago
- Sharing Threat Hunting runbooks☆26Jul 5, 2019Updated 6 years ago
- ☆29Nov 10, 2016Updated 9 years ago
- This tool can gather a lot of info without any defender alerts. It is useful for Penetration testers, SOC Analysts, System administrators…☆29Apr 9, 2025Updated last year
- Malware detonation platform Polygon integration☆10Aug 1, 2023Updated 2 years ago
- This is a CS project that will encrypt shell code from msfvenom using AES☆23Mar 24, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Advanced Threat Hunting: Ransomware Group☆29Jul 9, 2025Updated 10 months ago
- CrlfiX☆22Jan 30, 2025Updated last year
- Klara docker compose☆11May 19, 2020Updated 6 years ago
- yara detection rules for hunting with the threathunting-keywords project☆162May 11, 2025Updated last year
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆20May 9, 2025Updated last year
- Python script for carving Bitlocker VMK keys☆26Feb 4, 2026Updated 3 months ago
- A collection of reports and case studies to understand the threat landscape for UK critical infrastructure☆40Jan 23, 2024Updated 2 years ago
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms!☆26Dec 1, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- The official Prelude SIEM GitHub of https://www.prelude-siem.org☆42Jun 12, 2016Updated 9 years ago
- Field guide to gather low-hanging fruits☆15Mar 20, 2025Updated last year
- Red Team Stored XSS SVG phishing-companion tool with the ability to serve a malicious login page, or clone an html page and implement cus…☆30Mar 31, 2023Updated 3 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Jul 23, 2020Updated 5 years ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 7 months ago
- Library of threat hunts to get any user started!☆51Sep 4, 2020Updated 5 years ago
- ☆32Mar 11, 2026Updated 2 months ago
- ☆15Oct 24, 2024Updated last year
- Tools and scripts to deploy and manage OpenRelik instances☆16Mar 23, 2026Updated 2 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆12Dec 30, 2020Updated 5 years ago
- Docker container for running CobaltStrike 4.10☆38Sep 18, 2024Updated last year
- This repository provides a comprehensive Digital Footprint Checklist to help individuals manage their online presence and enhance privacy…☆17Dec 25, 2024Updated last year
- HECTOR☆20Mar 3, 2017Updated 9 years ago
- Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam pr…☆125Feb 26, 2026Updated 3 months ago
- This repository contains scripts about ACL abuse and any other active directory attacking methods.☆36Aug 20, 2023Updated 2 years ago
- Re-play Adversarial Techniques☆64Mar 18, 2021Updated 5 years ago