LogRhythm-Labs / Carbon-Black-SmartResponse

Related projects ⓘ

Alternatives and complementary repositories for Carbon-Black-SmartResponse

• AlmCo / Panorama
  Fast incident overview
  ☆39Updated 7 years ago
• Cyb3rWard0g / CyberWardogLab
  A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…
  ☆53Updated 6 years ago
• glassdfir / SysmonMapper
  Maps process creation logged by Sysmon uses Google Org Chart API
  ☆24Updated 8 years ago
• Jrotenberger / Powershell-IR-Scripts
  ☆39Updated 5 years ago
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆72Updated 7 years ago
• n3l5 / irCRpull
  irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…
  ☆13Updated 9 years ago
• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 5 years ago
• Silv3rHorn / ArtifactExtractor
  Extract common Windows artifacts from source images and VSCs
  ☆65Updated 3 years ago
• devgc / SrumMonkey
  Tool to parse SRU database
  ☆24Updated 6 years ago
• paulpc / quickIR
  Auxiliary scripts for Incident Response with ELK
  ☆11Updated 9 years ago
• carbonblack / community
  Community Sharing Repository for Carbon Black and Bit9 Platforms
  ☆27Updated 2 years ago
• MotiBa / Sysmon
  Sysmon configuration
  ☆66Updated 6 years ago
• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆21Updated 6 years ago
• n3l5 / irFARTpull
  PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.
  ☆50Updated 6 years ago
• et0x / Incident-Response
  ☆36Updated 8 years ago
• opensourcesec / cblrconsole
  Carbonblack Live Response from the comfort of your own terminal
  ☆20Updated 8 years ago
• keydet89 / Tools
  Tools from WFA 4/e, timeline tools, etc.
  ☆132Updated 8 months ago
• Neo23x0 / awesome-yara
  A curated list of awesome YARA rules, tools, and people.
  ☆32Updated last year
• Invoke-IR / PowerForensicsPortable
  ☆31Updated 4 years ago
• mandiant / AuditParser
  AuditParser
  ☆58Updated 11 years ago
• bonifield / volatilityGrapher
  Force-Directed Graph Generator for Volatility Ouputs
  ☆26Updated 5 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆56Updated 9 years ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• dkovar / ircollect
  ircollect
  ☆31Updated 11 years ago
• SMAPPER / NXLog-AutoConfig
  ☆48Updated 4 years ago
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆46Updated 6 years ago
• mantarayforensics / mantaray
  MantaRay Automated Computer Forensic Triage Tool
  ☆63Updated 5 years ago