CrowdStrike / CASTLinks
CrowdStrike Archive Scan Tool
☆85Updated 3 years ago
Alternatives and similar repositories for CAST
Users that are interested in CAST are comparing it to the libraries listed below
Sorting:
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228☆150Updated 3 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆155Updated 3 years ago
- gundog - guided hunting in Microsoft Defender☆52Updated 4 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆65Updated 2 years ago
- Collection of useful Canary tools☆84Updated last month
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆71Updated 2 years ago
- Tools and scripts by Arctic Wolf☆69Updated 3 weeks ago
- A collection of intelligence about Log4Shell and its exploitation activity.☆183Updated 3 years ago
- My conference presentations☆74Updated this week
- ☆42Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- A GUI to query the API of abuse.ch.☆70Updated 3 years ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- ☆73Updated 9 months ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆126Updated 4 months ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆39Updated 4 years ago
- Conference presentations☆47Updated last year
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…☆93Updated 4 months ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆23Updated 7 months ago
- Collection of PowerShell functinos and scripts a Blue Teamer might use☆84Updated last year
- Fast IOC and YARA Scanner☆81Updated 5 years ago
- Assess Windows OS for security misconfigurations and hardening opportunities.☆34Updated last year
- MDE relies on some of the Audit settings to be enabled☆98Updated 3 years ago
- OSSEM Data Dictionaries☆62Updated 6 months ago
- ☆68Updated 4 years ago
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆42Updated 2 years ago
- ☆34Updated 2 years ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆71Updated 7 months ago