MSAdministrator / carcass

Related projects: ⓘ

• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆34Updated 5 years ago
• swimlane / graphish
  A Python package to search & delete messages from mailboxes in Office 365 using Microsoft Graph API
  ☆25Updated 2 years ago
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆58Updated 6 months ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated 4 months ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• caschnee / misp-use-cases
  ☆14Updated 6 years ago
• keydet89 / IWSBook
  Site for IWS book content
  ☆18Updated 5 years ago
• Silv3rHorn / evtx2json
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆41Updated 3 years ago
• johnfranolich / Hunting-Scripts
  A collection of hunting and blue team scripts. Mostly others, some my own.
  ☆37Updated last year
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆54Updated 3 years ago
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆22Updated 2 months ago
• aarju / Kibana_ForensicDashboards
  Dashboards for conducting forensic investigation using windows events in Kibana
  ☆17Updated 5 years ago
• dfirence / drone
  ☆40Updated this week
• OllieJC / tbat
  Threat Box Assessment Tool
  ☆19Updated 3 years ago
• CompassSecurity / Readinizer
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆15Updated last year
• ExabeamLabs / Synopsis
  Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.
  ☆20Updated 5 years ago
• dmb2168 / o365-appids
  ☆18Updated 3 years ago
• jshlbrd / threat-hunting-pocket-guide
  pocket guide for core threat hunting concepts
  ☆23Updated 4 years ago
• dmb2168 / OAuthHunting
  ☆52Updated 6 years ago
• swimlane / PSAttck
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Updated 2 years ago
• jakob-source / falcon-crowdstrike
  A collection of searches, interesting events and tables on Crowdstrike Splunk.
  ☆28Updated 3 years ago
• clong / detect-responder
  ☆76Updated 6 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• daguy666 / Transit
  MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.
  ☆20Updated 4 years ago
• vi-or-die / TheHive4PS
  Powershell Functions to interact with TheHive-Project
  ☆10Updated 5 years ago
• sk4la / plast
  Modular command-line threat hunting tool & framework.
  ☆16Updated 4 years ago
• ValcanK / HomeLab
  ☆19Updated 3 years ago
• mformal / FOR508_Index
  FOR508 Index - GCFA
  ☆18Updated 6 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 3 years ago