JPCERTCC / MemoryForensic-on-CloudLinks
Memory Forensic System on Cloud
☆90Updated last year
Alternatives and similar repositories for MemoryForensic-on-Cloud
Users that are interested in MemoryForensic-on-Cloud are comparing it to the libraries listed below
Sorting:
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- Slides of my public talks☆55Updated last year
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆129Updated this week
- A repository of my own Sigma detection rules.☆160Updated 9 months ago
- Open Threat Hunting Framework�☆117Updated 2 years ago
- CarbonBlack EDR detection rules and response actions☆71Updated 9 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- Sample evtx files to use for testing hayabusa detection rules☆57Updated 7 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated 2 years ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆154Updated 2 years ago
- Harness the power of Splunk for your investigations☆111Updated this week
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆75Updated this week
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆64Updated last year
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆124Updated last year
- A collection of various SIEM rules relating to malware family groups.☆66Updated last year
- A repository to share publicly available Velociraptor detection content☆173Updated this week
- Mapping of open-source detection rules and atomic tests.☆168Updated 5 months ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆134Updated 2 years ago
- User Feedback Space of #MitreAssistant☆37Updated 2 years ago
- The Threat Actor Profile Guide for CTI Analysts☆107Updated last year
- MISP Playbooks☆203Updated last week
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- Active C&C Detector☆154Updated last year
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆165Updated 8 months ago
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆24Updated 3 weeks ago
- A preconfigured Velociraptor triage collector☆52Updated last week
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆122Updated last year
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆155Updated 2 months ago
- Resources To Learn And Understand SIGMA Rules☆177Updated 2 years ago
- Repository of public reference frameworks for the DFIR community.☆116Updated last year