JPCERTCC / MemoryForensic-on-Cloud
Memory Forensic System on Cloud
☆90Updated last year
Alternatives and similar repositories for MemoryForensic-on-Cloud:
Users that are interested in MemoryForensic-on-Cloud are comparing it to the libraries listed below
- A repository of my own Sigma detection rules.☆158Updated 7 months ago
- Resources To Learn And Understand SIGMA Rules☆174Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 11 months ago
- Slides of my public talks☆55Updated last year
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆100Updated this week
- MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository☆114Updated 2 years ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆120Updated last year
- Open Threat Hunting Framework☆116Updated last year
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆123Updated last year
- Harness the power of Splunk for your investigations☆103Updated last month
- A collection of various SIEM rules relating to malware family groups.☆66Updated 10 months ago
- CarbonBlack EDR detection rules and response actions☆71Updated 7 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆63Updated last year
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆134Updated 2 years ago
- Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t…☆118Updated last month
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆88Updated last year
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆164Updated 6 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆155Updated 3 weeks ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated last year
- A repository to share publicly available Velociraptor detection content☆163Updated this week
- Dettectinator - The Python library to your DeTT&CT YAML files.☆111Updated 3 weeks ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆126Updated 9 months ago
- Anvilogic Forge☆103Updated 2 weeks ago
- User Feedback Space of #MitreAssistant☆37Updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆63Updated last month
- Sample evtx files to use for testing hayabusa detection rules☆53Updated 6 months ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆152Updated last year
- Rules generated from our investigations.☆194Updated last month
- A preconfigured Velociraptor triage collector☆51Updated last week