Foundstone/ExpertInvestigationGuides external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Foundstone/ExpertInvestigationGuides

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Foundstone/ExpertInvestigationGuides)

Close

Foundstone / ExpertInvestigationGuidesView on GitHubMore

• External links
• Readme badge

Expert Investigation Guides

☆51Mar 18, 2021Updated 5 years ago

Alternatives and similar repositories for ExpertInvestigationGuides

Users that are interested in ExpertInvestigationGuides are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Foundstone / InvestigationPlaybookSpec

  View on GitHub
  InvestigationPlaybookSpec
  ☆71Sep 26, 2017Updated 8 years ago
• aboutsecurity / Bro-samples

  View on GitHub
  Network Forensics Bro scripts & pcap samples
  ☆63Mar 11, 2014Updated 12 years ago
• TTP0 / ttp0_community_templates

  View on GitHub
  ☆34Nov 16, 2023Updated 2 years ago
• jordisk / TheHive2Sigma

  View on GitHub
  Python script to automatically create sigma rules from The hive observables
  ☆25Mar 17, 2019Updated 7 years ago
• truekonrads / kpulp

  View on GitHub
  Konrads' Pen-Ultimate (Windows) Log File Parser
  ☆14Dec 27, 2025Updated 3 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• giMini / NOAH

  View on GitHub
  PowerShell No Agent Hunting
  ☆111Apr 23, 2018Updated 7 years ago
• swannman / ircapabilities

  View on GitHub
  Incident Response Hierarchy of Needs
  ☆472Apr 19, 2023Updated 2 years ago
• TTP0 / info

  View on GitHub
  Public Landing Page
  ☆16Jan 7, 2023Updated 3 years ago
• capesstack / capes-docker

  View on GitHub
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆14Feb 1, 2022Updated 4 years ago
• Kafeine / public

  View on GitHub
  ☆19Sep 2, 2018Updated 7 years ago
• COVID-19-CTI-LEAGUE / PUBLIC_RELEASE

  View on GitHub
  Files vetted, and approved for public release
  ☆55Nov 30, 2023Updated 2 years ago
• Kreloc / Posh-ePoAPI

  View on GitHub
  A module for working with McAfee EPO API
  ☆14Dec 31, 2019Updated 6 years ago
• grayfold3d / Get-KapeModuleBinaries

  View on GitHub
  Parses KAPE module files and downloads binaries referenced by BinaryURL
  ☆17Oct 2, 2019Updated 6 years ago
• LDO-CERT / FireEye2TH

  View on GitHub
  FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆16Oct 12, 2018Updated 7 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• MHaggis / hunt-detect-prevent

  View on GitHub
  Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
  ☆169Dec 10, 2018Updated 7 years ago
• aboutsecurity / Audit_Host-Baseline

  View on GitHub
  A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems
  ☆20Oct 19, 2013Updated 12 years ago
• target / huntlib

  View on GitHub
  A Python library to help with some common threat hunting data analysis operations
  ☆142Apr 23, 2023Updated 2 years ago
• vi-or-die / TheHive4PS

  View on GitHub
  Powershell Functions to interact with TheHive-Project
  ☆11Jun 27, 2019Updated 6 years ago
• delimitry / compressed_rtf

  View on GitHub
  Compressed Rich Text Format (RTF) compression and decompression in Python
  ☆24Jun 29, 2025Updated 9 months ago
• blacktop / docker-bro

  View on GitHub
  Bro IDS Dockerfile
  ☆129Sep 14, 2019Updated 6 years ago
• codingWithJimmy / TA-bigfix

  View on GitHub
  Splunk technical add-on (TA) for ingesting BigFix client, relay, and server logs. Includes REST inputs for ingesting assets, relevant fix…
  ☆17Mar 11, 2025Updated last year
• egaus / malicious_url_analysis

  View on GitHub
  ☆18Jun 8, 2018Updated 7 years ago
• DefensePointSecurity / threat_note

  View on GitHub
  DPS' Lightweight Investigation Notebook
  ☆433Dec 31, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• Invoke-IR / ACE

  View on GitHub
  Automated, Collection, and Enrichment Platform
  ☆326Nov 14, 2019Updated 6 years ago
• CiviCERT / suspicious-email-submitter

  View on GitHub
  The Suspicious Email Submitter is a discontinued browser extension (Chrome, Chromium, Firefox) for the easy submission of suspicious emai…
  ☆15Mar 6, 2023Updated 3 years ago
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆349Mar 19, 2021Updated 5 years ago
• ThreatHuntingProject / hunter

  View on GitHub
  A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
  ☆251Jul 19, 2021Updated 4 years ago
• MalwareArchaeology / ARTHIR

  View on GitHub
  ATT&CK Remote Threat Hunting Incident Response
  ☆206Dec 8, 2024Updated last year
• refractionPOINT / limacharlie

  View on GitHub
  Old home of LimaCharlie, open source EDR
  ☆32Sep 4, 2023Updated 2 years ago
• chrissimpkins / commandlines

  View on GitHub
  A Python command line argument to object parsing library for command line application development
  ☆15Mar 23, 2016Updated 10 years ago
• thirdeyeintelligence / Memoirs-of-a-Threat-Hunter

  View on GitHub
  My personal experience in Threat Hunting and knowledge gained so far.
  ☆19May 27, 2017Updated 8 years ago
• rollinz007 / kspray

  View on GitHub
  A utility for password spraying using kerberos from an untrusted/non-domain joined Kali linux host. Useful for user and KDC/DC enumeratio…
  ☆19Oct 28, 2023Updated 2 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• jshlbrd / threat-hunting-pocket-guide

  View on GitHub
  pocket guide for core threat hunting concepts
  ☆23May 6, 2020Updated 5 years ago
• RESOLVN / RTHVM

  View on GitHub
  Resolvn Threat Hunting Virtual Machine
  ☆139Aug 16, 2019Updated 6 years ago
• sbrant / PowerShell

  View on GitHub
  scripts and configs from .conf2016 talk on Hunting the Known Unknowns PowerShell Edition
  ☆15Oct 25, 2016Updated 9 years ago
• fygrave / ndf

  View on GitHub
  Network Defender Toolkit
  ☆18Jun 11, 2013Updated 12 years ago
• farsightsec / sie-dns-sensor

  View on GitHub
  Debian and Red Hat packaging for SIE DNS sensor
  ☆15May 5, 2023Updated 2 years ago
• leeberg / ActivitySimulator

  View on GitHub
  A simple utility to generate real File and Active Directory activity in lab environments for the purposes of monitoring changes and detec…
  ☆11Dec 4, 2018Updated 7 years ago
• Benster900 / ThreatWaffle

  View on GitHub
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆27Jan 16, 2018Updated 8 years ago