Expert Investigation Guides
☆50 · Mar 18, 2021 · Updated 5 years ago
Alternatives and similar repositories for ExpertInvestigationGuides
Users that are interested in ExpertInvestigationGuides are comparing it to the libraries listed below.
- InvestigationPlaybookSpec · ☆70 · Sep 26, 2017 · Updated 8 years ago
- Network Forensics Bro scripts & pcap samples · ☆63 · Mar 11, 2014 · Updated 12 years ago
- ☆34 · Nov 16, 2023 · Updated 2 years ago
- Python script to automatically create sigma rules from The hive observables · ☆25 · Mar 17, 2019 · Updated 7 years ago
- Konrads' Pen-Ultimate (Windows) Log File Parser · ☆14 · Dec 27, 2025 · Updated 6 months ago
- PowerShell No Agent Hunting · ☆111 · Apr 23, 2018 · Updated 8 years ago
- Incident Response Hierarchy of Needs · ☆478 · Apr 19, 2023 · Updated 3 years ago
- Public Landing Page · ☆16 · Jan 7, 2023 · Updated 3 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page · ☆14 · Feb 1, 2022 · Updated 4 years ago
- ☆19 · Sep 2, 2018 · Updated 7 years ago
- A module for working with McAfee EPO API · ☆14 · Dec 31, 2019 · Updated 6 years ago
- Parses KAPE module files and downloads binaries referenced by BinaryURL · ☆18 · Oct 2, 2019 · Updated 6 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform · ☆16 · Oct 12, 2018 · Updated 7 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers. · ☆170 · Dec 10, 2018 · Updated 7 years ago
- A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems · ☆20 · Oct 19, 2013 · Updated 12 years ago
- A Python library to help with some common threat hunting data analysis operations · ☆142 · Apr 23, 2023 · Updated 3 years ago
- Powershell Functions to interact with TheHive-Project · ☆11 · Jun 27, 2019 · Updated 7 years ago
- Compressed Rich Text Format (RTF) compression and decompression in Python · ☆25 · Jun 29, 2025 · Updated last year
- Bro IDS Dockerfile · ☆129 · Sep 14, 2019 · Updated 6 years ago
- ☆17 · Jun 8, 2018 · Updated 8 years ago
- DPS' Lightweight Investigation Notebook · ☆435 · Dec 31, 2023 · Updated 2 years ago
- Automated, Collection, and Enrichment Platform · ☆326 · Nov 14, 2019 · Updated 6 years ago
- The Suspicious Email Submitter is a discontinued browser extension (Chrome, Chromium, Firefox) for the easy submission of suspicious emai… · ☆15 · Mar 6, 2023 · Updated 3 years ago
- ☆351 · Mar 19, 2021 · Updated 5 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook. · ☆251 · Jul 19, 2021 · Updated 4 years ago
- ATT&CK Remote Threat Hunting Incident Response · ☆203 · Dec 8, 2024 · Updated last year
- Old home of LimaCharlie, open source EDR · ☆32 · Sep 4, 2023 · Updated 2 years ago
- A Python command line argument to object parsing library for command line application development · ☆15 · Mar 23, 2016 · Updated 10 years ago
- My personal experience in Threat Hunting and knowledge gained so far. · ☆19 · May 27, 2017 · Updated 9 years ago
- A utility for password spraying using kerberos from an untrusted/non-domain joined Kali linux host. Useful for user and KDC/DC enumeratio… · ☆19 · Oct 28, 2023 · Updated 2 years ago
- pocket guide for core threat hunting concepts · ☆23 · May 6, 2020 · Updated 6 years ago
- scripts and configs from .conf2016 talk on Hunting the Known Unknowns PowerShell Edition · ☆15 · Oct 25, 2016 · Updated 9 years ago
- Resolvn Threat Hunting Virtual Machine · ☆138 · Aug 16, 2019 · Updated 6 years ago
- Network Defender Toolkit · ☆18 · Jun 11, 2013 · Updated 13 years ago
- Debian and Red Hat packaging for SIE DNS sensor · ☆15 · May 5, 2023 · Updated 3 years ago
- A simple utility to generate real File and Active Directory activity in lab environments for the purposes of monitoring changes and detec… · ☆11 · Dec 4, 2018 · Updated 7 years ago
- This repository is created to add value to existing Network Security Monitoring solutions. · ☆42 · Sep 20, 2016 · Updated 9 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery · ☆27 · Jan 16, 2018 · Updated 8 years ago
- Phantom Community Playbooks · ☆541 · Jun 22, 2026 · Updated last week