An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
☆60, Jan 30, 2018, updated 8 years ago
Alternatives and similar repositories for HistoricProcessTree
Users that are interested in HistoricProcessTree are comparing it to the libraries listed below
- An Incident Response tool to extract console command history and screen output buffer (☆42, Jan 11, 2018, updated 8 years ago)
- Edited version of Lee Christensen's Get-NetworkConnection which includes a timestamp for each network connection (☆36, Mar 14, 2018, updated 7 years ago)
- Passive DNS server interface compliant with the "Common Output Format" (☆10, Sep 19, 2016, updated 9 years ago)
- Splunk integration with MISP (☆12, Apr 14, 2018, updated 7 years ago)
- The Suspicious Email Submitter is a discontinued browser extension (Chrome, Chromium, Firefox) for the easy submission of suspicious emai… (☆15, Mar 6, 2023, updated 2 years ago)
- Systematic Classification Engine for Advanced Data ANalysis (☆22, Mar 6, 2017, updated 8 years ago)
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools (☆16, updated this week)
- CyCAT.org taxonomies (☆15, May 22, 2021, updated 4 years ago)
- Use security tools from within IRC (☆24, Mar 20, 2012, updated 13 years ago)
- nmap/ndiff-based scanner with a template-based notification system in case of infrastructure changes (☆19, Feb 16, 2018, updated 8 years ago)
- Virus name generator (☆28, Feb 10, 2015, updated 11 years ago)
- A curses-style interface for automatic takedown notification based on MISP events (☆20, Dec 11, 2020, updated 5 years ago)
- Simple PowerShell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline (☆32, Oct 13, 2018, updated 7 years ago)
- Signature engine for all your logs (☆172, Nov 13, 2023, updated 2 years ago)
- Another MISP module for Python (☆18, Feb 17, 2020, updated 6 years ago)
- Incident Notification Platform by @NC3-LU (☆11, updated this week)
- Epimitheus is a tool that uses the Neo4j graph database for Windows Events visualization (☆19, Mar 13, 2022, updated 3 years ago)
- Malware Classifier From Network Captures (☆82, Jan 27, 2017, updated 9 years ago)
- CARET - A tool for viewing cyber analytic relationships (☆57, Jan 15, 2020, updated 6 years ago)
- A simple Python library to assist in working with CPEs (☆19, Jan 30, 2024, updated 2 years ago)
- CVE Builder script that generates STIX-formatted Exploit Target objects (☆18, Oct 18, 2016, updated 9 years ago)
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools (☆20, Oct 24, 2018, updated 7 years ago)
- This repository collects the YARA rules for the Unprotect Project (☆26, Nov 19, 2020, updated 5 years ago)
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero (☆22, Jan 30, 2018, updated 8 years ago)
- Security diagnostic quick-start guide: identifying the best measures and establishing specific security procedures for your organization (☆11, May 29, 2019, updated 6 years ago)
- This repository is a curated list of pro bono incident response entities (☆21, Jun 21, 2023, updated 2 years ago)
- Build Automated Machine Images for MISP (☆29, Jun 9, 2023, updated 2 years ago)
- YARA rules for cryptography detection (☆31, Apr 28, 2014, updated 11 years ago)
- MasterParser is a simple, all-in-one digital forensics artifact parser (☆24, Jul 9, 2021, updated 4 years ago)
- A Python client for the Global CVE Allocation System (☆17, Jan 31, 2026, updated last month)
- Auxiliary scripts for Incident Response with ELK (☆11, Oct 7, 2015, updated 10 years ago)
- A curated list of awesome cyber civil society actors, projects, etc. (☆10, Jul 16, 2020, updated 5 years ago)
- GUI for RegRipper (☆11, Mar 19, 2019, updated 6 years ago)
- A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox (☆11, Apr 3, 2016, updated 9 years ago)
- A vulnerability assessment tool for system models (☆13, Oct 1, 2021, updated 4 years ago)
- HoneyDB Python module (☆14, Feb 6, 2024, updated 2 years ago)