Expert Investigation Guides
☆51, Mar 18, 2021, Updated 5 years ago
Alternatives and similar repositories for ExpertInvestigationGuides
Users that are interested in ExpertInvestigationGuides are comparing it to the libraries listed below
- InvestigationPlaybookSpec (☆71, Sep 26, 2017, Updated 8 years ago)
- Network Forensics Bro scripts & pcap samples (☆63, Mar 11, 2014, Updated 12 years ago)
- (☆34, Nov 16, 2023, Updated 2 years ago)
- Python script to automatically create sigma rules from The hive observables (☆25, Mar 17, 2019, Updated 7 years ago)
- Konrads' Pen-Ultimate (Windows) Log File Parser (☆14, Dec 27, 2025, Updated 2 months ago)
- PowerShell No Agent Hunting (☆111, Apr 23, 2018, Updated 7 years ago)
- Incident Response Hierarchy of Needs (☆473, Apr 19, 2023, Updated 2 years ago)
- Public Landing Page (☆16, Jan 7, 2023, Updated 3 years ago)
- Cyber Analytics Platform and Examination System (CAPES) Project Page (☆14, Feb 1, 2022, Updated 4 years ago)
- (☆19, Sep 2, 2018, Updated 7 years ago)
- Files vetted, and approved for public release (☆55, Nov 30, 2023, Updated 2 years ago)
- A module for working with McAfee EPO API (☆14, Dec 31, 2019, Updated 6 years ago)
- Parses KAPE module files and downloads binaries referenced by BinaryURL (☆18, Oct 2, 2019, Updated 6 years ago)
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform (☆16, Oct 12, 2018, Updated 7 years ago)
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers. (☆168, Dec 10, 2018, Updated 7 years ago)
- A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems (☆20, Oct 19, 2013, Updated 12 years ago)
- A Python library to help with some common threat hunting data analysis operations (☆142, Apr 23, 2023, Updated 2 years ago)
- Powershell Functions to interact with TheHive-Project (☆11, Jun 27, 2019, Updated 6 years ago)
- Compressed Rich Text Format (RTF) compression and decompression in Python (☆24, Jun 29, 2025, Updated 8 months ago)
- Bro IDS Dockerfile (☆129, Sep 14, 2019, Updated 6 years ago)
- Splunk technical add-on (TA) for ingesting BigFix client, relay, and server logs. Includes REST inputs for ingesting assets, relevant fix… (☆17, Mar 11, 2025, Updated last year)
- (☆18, Jun 8, 2018, Updated 7 years ago)
- DPS' Lightweight Investigation Notebook (☆433, Dec 31, 2023, Updated 2 years ago)
- Automated, Collection, and Enrichment Platform (☆324, Nov 14, 2019, Updated 6 years ago)
- The Suspicious Email Submitter is a discontinued browser extension (Chrome, Chromium, Firefox) for the easy submission of suspicious emai… (☆15, Mar 6, 2023, Updated 3 years ago)
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook. (☆252, Jul 19, 2021, Updated 4 years ago)
- ATT&CK Remote Threat Hunting Incident Response (☆206, Dec 8, 2024, Updated last year)
- Old home of LimaCharlie, open source EDR (☆32, Sep 4, 2023, Updated 2 years ago)
- My personal experience in Threat Hunting and knowledge gained so far. (☆19, May 27, 2017, Updated 8 years ago)
- A Python command line argument to object parsing library for command line application development (☆14, Mar 23, 2016, Updated 9 years ago)
- A utility for password spraying using kerberos from an untrusted/non-domain joined Kali linux host. Useful for user and KDC/DC enumeratio… (☆19, Oct 28, 2023, Updated 2 years ago)
- pocket guide for core threat hunting concepts (☆23, May 6, 2020, Updated 5 years ago)
- Resolvn Threat Hunting Virtual Machine (☆139, Aug 16, 2019, Updated 6 years ago)
- scripts and configs from .conf2016 talk on Hunting the Known Unknowns PowerShell Edition (☆15, Oct 25, 2016, Updated 9 years ago)
- Network Defender Toolkit (☆18, Jun 11, 2013, Updated 12 years ago)
- Debian and Red Hat packaging for SIE DNS sensor (☆15, May 5, 2023, Updated 2 years ago)
- A simple utility to generate real File and Active Directory activity in lab environments for the purposes of monitoring changes and detec… (☆11, Dec 4, 2018, Updated 7 years ago)
- Threat hunting repo for my independent study on threat hunting with OSQuery (☆27, Jan 16, 2018, Updated 8 years ago)
- This repository is created to add value to existing Network Security Monitoring solutions. (☆42, Sep 20, 2016, Updated 9 years ago)