InfoSecInnovations / What2LogLinks
☆41Updated 2 years ago
Alternatives and similar repositories for What2Log
Users that are interested in What2Log are comparing it to the libraries listed below
Sorting:
- ☆101Updated 2 months ago
- Notes on responding to security breaches relating to Azure AD☆116Updated 3 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- MDE relies on some of the Audit settings to be enabled☆98Updated 3 years ago
- ☆73Updated 10 months ago
- A preconfigured Velociraptor triage collector☆52Updated last week
- Conference presentations☆47Updated last year
- Repository of attack and defensive information for Business Email Compromise investigations☆261Updated 3 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆52Updated 3 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆94Updated 2 months ago
- Powershell module for VMWare vSphere forensics☆155Updated 9 months ago
- ☆64Updated 2 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 3 years ago
- A PowerShell incident response script for quick triage☆80Updated 3 years ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated last year
- PowerShell module for Office 365 and Azure log collection☆272Updated this week
- A collection of various SIEM rules relating to malware family groups.☆69Updated last year
- Full of public notes and Utilities☆128Updated 6 months ago
- A repository to share publicly available Velociraptor detection content☆187Updated last week
- Tools for simulating threats☆192Updated last year
- Jupyter notebooks for threat hunting☆58Updated 5 months ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of…☆261Updated 4 years ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆151Updated last week
- ☆86Updated 5 months ago
- ☆68Updated last month
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆86Updated 6 months ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆115Updated last year
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆136Updated 2 years ago
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆144Updated this week
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆155Updated 2 years ago