Expert Investigation Guides
☆51Mar 18, 2021Updated 4 years ago
Alternatives and similar repositories for ExpertInvestigationGuides
Users that are interested in ExpertInvestigationGuides are comparing it to the libraries listed below
Sorting:
- InvestigationPlaybookSpec☆71Sep 26, 2017Updated 8 years ago
- Network Forensics Bro scripts & pcap samples☆63Mar 11, 2014Updated 11 years ago
- Konrads' Pen-Ultimate (Windows) Log File Parser☆14Dec 27, 2025Updated 2 months ago
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 6 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- The Suspicious Email Submitter is a discontinued browser extension (Chrome, Chromium, Firefox) for the easy submission of suspicious emai…☆15Mar 6, 2023Updated 2 years ago
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- ☆18Jun 8, 2018Updated 7 years ago
- A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems☆20Oct 19, 2013Updated 12 years ago
- ☆19Sep 2, 2018Updated 7 years ago
- ☆34Nov 16, 2023Updated 2 years ago
- My personal experience in Threat Hunting and knowledge gained so far.☆19May 27, 2017Updated 8 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆252Jul 19, 2021Updated 4 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆168Dec 10, 2018Updated 7 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆22Oct 31, 2018Updated 7 years ago
- Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration☆36Sep 28, 2015Updated 10 years ago
- ☆176Jun 25, 2024Updated last year
- DPS' Lightweight Investigation Notebook☆433Dec 31, 2023Updated 2 years ago
- Proof of concept implementation of a cyber threat intelligence and incident handling platform☆11Feb 10, 2023Updated 3 years ago
- HoneyDB Python Module��☆14Feb 6, 2024Updated 2 years ago
- Training materials I've written.☆11Nov 11, 2025Updated 3 months ago
- Baseline organizational policies and practices☆10Apr 17, 2017Updated 8 years ago
- pocket guide for core threat hunting concepts☆23May 6, 2020Updated 5 years ago
- A Python library to help with some common threat hunting data analysis operations☆142Apr 23, 2023Updated 2 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- A simple utility to generate real File and Active Directory activity in lab environments for the purposes of monitoring changes and detec…☆11Dec 4, 2018Updated 7 years ago
- Powershell Functions to interact with TheHive-Project☆11Jun 27, 2019Updated 6 years ago
- Code and templates required to build the DARPA open catalog.☆17Mar 23, 2016Updated 9 years ago
- A Windows PowerShell & PowerShell Core Module to calculate a CVSS3 Score based on a Vector string☆12Dec 20, 2022Updated 3 years ago
- A Python command line argument to object parsing library for command line application development☆14Mar 23, 2016Updated 9 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- Parsing MITRE EDR Evaluation results☆12Dec 5, 2018Updated 7 years ago
- Network Defender Toolkit☆18Jun 11, 2013Updated 12 years ago
- Debian and Red Hat packaging for SIE DNS sensor☆15May 5, 2023Updated 2 years ago
- Resolvn Threat Hunting Virtual Machine☆139Aug 16, 2019Updated 6 years ago
- Searches For Threat Hunting and Security Analytics☆238Mar 26, 2025Updated 11 months ago
- Logstash configuration files for analyzing various types of logs☆25Dec 9, 2016Updated 9 years ago
- Office365 Log Analysis Framework☆81Jun 6, 2019Updated 6 years ago
- ATT&CK Remote Threat Hunting Incident Response☆206Dec 8, 2024Updated last year