JPCERTCC / MemoryForensic-on-Cloud
Memory Forensic System on Cloud
☆89 · Updated last year
Alternatives and similar repositories for MemoryForensic-on-Cloud:
Users that are interested in MemoryForensic-on-Cloud are comparing it to the libraries listed below
- Slides of my public talks ☆55 · Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆77 · Updated 10 months ago
- A repository of my own Sigma detection rules. ☆158 · Updated 7 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆63 · Updated 2 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆119 · Updated last year
- Open Threat Hunting Framework ☆112 · Updated last year
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… ☆77 · Updated 5 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… ☆88 · Updated last year
- Active C&C Detector ☆153 · Updated last year
- Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t… ☆118 · Updated 3 weeks ago
- Intel Retrieval Augmented Generation (RAG) Utilities ☆90 · Updated last year
- Resources To Learn And Understand SIGMA Rules ☆174 · Updated 2 years ago
- MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository ☆113 · Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆118 · Updated last year
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support. ☆133 · Updated 2 years ago
- User Feedback Space of #MitreAssistant ☆37 · Updated last year
- A repository to share publicly available Velociraptor detection content ☆139 · Updated last week
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆84 · Updated 2 months ago
- Sample evtx files to use for testing hayabusa detection rules ☆52 · Updated 5 months ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK… ☆164 · Updated 6 months ago
- Full of public notes and Utilities ☆98 · Updated last month
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we… ☆53 · Updated last year
- A collection of various SIEM rules relating to malware family groups. ☆66 · Updated 9 months ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆67 · Updated last year
- Blue Team detection lab created with Terraform and Ansible in Azure. ☆153 · Updated 4 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. ☆70 · Updated 11 months ago
- Harness the power of Splunk for your investigations ☆95 · Updated last week
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆161 · Updated last month
- Anvilogic Forge ☆95 · Updated this week
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates… ☆62 · Updated this week