DebugPrivilege / OpenProject
A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding quickly to security incidents.
☆17, updated 2 weeks ago
Related projects
Alternatives and complementary repositories for OpenProject
- Repo containing my public talks (☆22, updated last year)
- Yara Rules for Modern Malware (☆67, updated 8 months ago)
- PowerShell PE Parser (☆61, updated 4 months ago)
- Repository that contains random short projects like write-ups, PowerShell scripts, and more. (☆26, updated 2 weeks ago)
- This repository is meant to catalog network and host artifacts associated with various EDR products' "shell" and response functionalities. (☆72, updated 2 months ago)
- Detection rule validation (☆41, updated last year)
- Simple PowerShell script to enable process scanning with Yara. (☆90, updated 2 years ago)
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction (☆68, updated last year)
- A repo for fetching AppLocker event logs by parsing the Windows event log (☆30, updated 2 years ago)
- A collection of small scripts and tools for deobfuscation and malware analysis. (☆65, updated last year)
- Collection of my own detection rules (☆14, updated 9 months ago)
- Presentations from Conferences (☆26, updated 2 months ago)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (☆27, updated this week)
- These FLARE-VM configuration files are designed to help set up a purpose-built installation, remove unnecessary packages to help stream… (☆13, updated 7 months ago)
- ASR Configurator, Essentials and Atomic Testing (☆36, updated 3 weeks ago)
- MS Graph Commands and Tools for Blue Teamers (☆48, updated last year)
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. (☆47, updated 10 months ago)
- Living off the False Positive! (☆29, updated 2 months ago)
- create a "simulated internet" cyber range environment (☆13, updated last month)
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form (☆99, updated 4 months ago)
- PowerShell Linter (☆46, updated last month)
- ShellSweeping the evil. (☆52, updated 5 months ago)
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en… (☆26, updated 2 months ago)