Lyc4on / EvtXHunt
EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.
☆16, updated 3 years ago
Related projects
Alternatives and complementary repositories for EvtXHunt
- An experimental Velociraptor implementation using cloud infrastructure ☆21, updated 2 weeks ago
- Penguin OS Forensic (or Flight) Recorder ☆37, updated 4 months ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. ☆31, updated 3 weeks ago
- ☆17, updated 3 months ago
- A script to assist in processing forensic RAM captures for malware triage ☆27, updated 3 years ago
- ☆36, updated 3 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆35, updated last year
- A MITRE ATT&CK Lookup Tool ☆43, updated 6 months ago
- IOCPARSER.COM is a fast and reliable service that enables you to extract IOCs and intelligence from different data sources. ☆34, updated 2 years ago
- Contains compiled binaries of Volatility ☆29, updated last month
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆49, updated 6 months ago
- Autopsy Module to analyze Registry Hives ☆13, updated 2 years ago
- Lightweight Python-Based Malware Analysis Pipeline ☆29, updated last month
- Regexplore is a Volatility plugin designed to mimic the functionality of the Registry Explorer plugins in EZsuite ☆17, updated last year
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte… ☆14, updated 4 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents ☆38, updated 6 months ago
- Bash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response. ☆43, updated last year
- Send High & New Incidents to The Hive incident management Platform ☆17, updated 3 years ago
- Hashes of infamous malware ☆26, updated last year
- ESXi Cyber Security Incident Response Script ☆20, updated 2 months ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11. ☆25, updated 2 years ago
- Triaging Windows event logs based on SANS Poster ☆37, updated last year
- Repo containing my personal walkthroughs of PMAT Labs i.e. PMAT Malware Samples. ☆41, updated 2 years ago
- Vagrant Files to create a Virtualbox VM for Malware Analysis ☆13, updated 3 years ago
- DShield Sensor Log Collection with ELK ☆18, updated this week
- Parser for Sdba memory pool tags ☆17, updated 3 years ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence… ☆48, updated last week
- BlueBox Malware analysis Box and Cyber threat intelligence. ☆38, updated 2 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX. ☆15, updated 3 weeks ago
- Resources for DFIR. And more. ☆11, updated 4 months ago