McL0vinn/Windows-Forensic-Examination-and-Threat-Hunting external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

McL0vinn/Windows-Forensic-Examination-and-Threat-Hunting

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/McL0vinn/Windows-Forensic-Examination-and-Threat-Hunting)

Close

McL0vinn / Windows-Forensic-Examination-and-Threat-HuntingView on GitHubMore

• External links
• Readme badge

Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can also be used to create a baseline for your environment.For the bests results "Run as Administrator" through CMD and Powershell.

☆15Aug 15, 2022Updated 3 years ago

Alternatives and similar repositories for Windows-Forensic-Examination-and-Threat-Hunting

Users that are interested in Windows-Forensic-Examination-and-Threat-Hunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• securycore / ThreatHunting

  View on GitHub
  Powershell collection designed to assist in Threat Hunting Windows systems.
  ☆27Apr 13, 2018Updated 8 years ago
• oguzpamuk / HuntingWithPowershell

  View on GitHub
  Windows log and threat hunting with powershell
  ☆16Dec 11, 2020Updated 5 years ago
• ItzHerbie / KQL

  View on GitHub
  Detection rules and threat hunting queries in Defender XDR and Azure Sentinel
  ☆16Mar 13, 2026Updated last month
• WesSec / VelociDeploy-o-Matic

  View on GitHub
  Scripts to for ready-to-use Velociraptor instance deployment in Azure
  ☆14Jun 27, 2023Updated 2 years ago
• eremit4 / cs-discovery

  View on GitHub
  Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
  ☆22Aug 13, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• stvemillertime / RonnieColemanYARAParser

  View on GitHub
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Nov 13, 2022Updated 3 years ago
• eshlomo1 / Azure-AD-Incident-Response

  View on GitHub
  Azure AD Incident Response
  ☆28Oct 8, 2021Updated 4 years ago
• zulu8 / Get-Baseline

  View on GitHub
  PowerShell Script for Agentless Incident Response
  ☆25Apr 5, 2018Updated 8 years ago
• nogoodconfig / pyarascanner

  View on GitHub
  A simple many-rules to many-files YARA scanner for incident response or malware zoos.
  ☆27Jun 3, 2018Updated 7 years ago
• Purp1eW0lf / quickforensics

  View on GitHub
  ☆33Dec 4, 2022Updated 3 years ago
• wortell / log4j

  View on GitHub
  Repo containing all info, scripts, etc. related to CVE-2021-44228
  ☆10Dec 29, 2021Updated 4 years ago
• 0xxon / zeek-tls-log-alternative

  View on GitHub
  Zeek scripts that provide an alternative log file logging TLS/SSL traffic
  ☆12May 4, 2021Updated 4 years ago
• KPN-CISO / certificate-inventory

  View on GitHub
  Scanner which is capable of scanning multiple hosts or multiple subnets on an SSL port and output a CSV file with the certificate details…
  ☆14Nov 29, 2013Updated 12 years ago
• marietheresa / improved-lamp

  View on GitHub
  Repository for my GitHub Universe 2023 session SEC1808M
  ☆10Nov 8, 2023Updated 2 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• blueteam0ps / memOptix

  View on GitHub
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆97May 28, 2023Updated 2 years ago
• Dump-GUY / CAPA_JsonConver

  View on GitHub
  Converts exported results of CAPA tool from .json format to another formats supporting by different tools.
  ☆22Feb 15, 2022Updated 4 years ago
• Vyiel / RedTeamPets

  View on GitHub
  A collection of handy and specific tools for the Red Teamer
  ☆11Aug 13, 2024Updated last year
• mthcht / Purpleteam

  View on GitHub
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆196Dec 20, 2024Updated last year
• Inndy / idapython-cheatsheet

  View on GitHub
  scripting IDA like a Pro
  ☆24Oct 27, 2020Updated 5 years ago
• LouisBrunner / ha-proton-drive

  View on GitHub
  Proton Drive integration for Home Assistant (compatible with HACS)
  ☆20Updated this week
• kuhumcst / tf-idf

  View on GitHub
  A reasonably performant TF-IDF implementation.
  ☆12Nov 20, 2022Updated 3 years ago
• ruppde / yara_rules

  View on GitHub
  Yara rules
  ☆22Mar 27, 2023Updated 3 years ago
• infinite-omicron / pentesting-checklist

  View on GitHub
  Penetration Testing Checklist
  ☆37May 14, 2020Updated 5 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• hackjalstead / IRCP

  View on GitHub
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Jan 31, 2022Updated 4 years ago
• andreafortuna / malhunt

  View on GitHub
  Hunt malware with Volatility
  ☆49Mar 3, 2026Updated last month
• op7ic / Cloud-Investigate

  View on GitHub
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆38Mar 25, 2024Updated 2 years ago
• philhagen / for572-scripts

  View on GitHub
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆28Aug 6, 2025Updated 8 months ago
• gsiddharth29 / Threat-Hunting

  View on GitHub
  Threat Hunt Investigation Methodology and Procedure
  ☆15Jul 11, 2022Updated 3 years ago
• olafhartong / sysmon-parser

  View on GitHub
  Automatically generated Sysmon parser for Azure Sentinel
  ☆18Jan 6, 2026Updated 3 months ago
• tomskra / HA-SmartThings-Find

  View on GitHub
  Home Assisstant custom integration to provide data from Samsung SmartThings Find, such as SmartTag locations
  ☆31Jun 11, 2025Updated 10 months ago
• amrandazz / cloud-threat-detection

  View on GitHub
  Cloud threat detection visualization from excalidraw
  ☆12Apr 25, 2022Updated 3 years ago
• guerilla7 / CyberMoE

  View on GitHub
  A Mixture‑of‑Experts Educational Framework for Adaptive Cybersecurity
  ☆22Feb 8, 2026Updated 2 months ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• OTRF / SANS-BlueTeamSummit-2022

  View on GitHub
  Repo to track SANS BlueTeam Summit Presentation
  ☆23Oct 4, 2022Updated 3 years ago
• ch33r10 / DEFCON29-BTV-ThreatReportRoulette

  View on GitHub
  Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…
  ☆15Jun 5, 2023Updated 2 years ago
• y3n11 / Captain

  View on GitHub
  Userland API monitor for threat hunting
  ☆58Mar 4, 2020Updated 6 years ago
• kaze-technologies / cvefree

  View on GitHub
  Kaze's openly available CVE vulnerability data.
  ☆16Apr 7, 2025Updated last year
• a-rey / CISCO_configs

  View on GitHub
  CISCO configuration guides
  ☆14Feb 16, 2020Updated 6 years ago
• kkredit / smart-home-threat-model

  View on GitHub
  A small threat model for a smart home
  ☆19Oct 8, 2019Updated 6 years ago
• orishamir / Enhanced-PsExec-GUI

  View on GitHub
  Enhanced-PsExec the GUI edition
  ☆13Sep 8, 2021Updated 4 years ago