OWNsecurity / GWForensicLinks
DFIR project to collect and analyze events in Google Workspace
☆12Updated last year
Alternatives and similar repositories for GWForensic
Users that are interested in GWForensic are comparing it to the libraries listed below
Sorting:
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment.☆107Updated 4 months ago
- A collection of CVEs weaponized by ransomware operators☆121Updated last week
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆150Updated 11 months ago
- A repository of credential stealer formats☆224Updated 2 months ago
- A repository to share publicly available Velociraptor detection content☆187Updated this week
- Dissecting and Defeating Ransomware's Evasion Tactics Defcon 32☆16Updated last year
- A repository to store community malware research notes and findings.☆14Updated last month
- ☆238Updated 2 months ago
- A collection of methods to learn who the owner of an IP address is.☆171Updated 2 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆86Updated this week
- ☆161Updated 2 years ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆175Updated 3 months ago
- Retired TrustedSec Capabilities☆248Updated 9 months ago
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 7 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999☆48Updated this week
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 7 months ago
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …☆144Updated last month
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker☆12Updated 9 months ago
- A specification and style guide for YARA rules☆54Updated last year
- Windows Malware Investigation Scripts & Docs☆83Updated 9 months ago
- Parses USB connection artifacts from offline Registry hives☆101Updated 2 months ago
- LotL RMM☆236Updated 2 weeks ago
- Harness the power of Splunk for your investigations☆128Updated 2 months ago
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.☆190Updated 6 months ago
- Active C&C Detector☆156Updated last year
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆125Updated last year
- Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports☆131Updated this week
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆157Updated 4 months ago
- Jupyter Notebooks for the Blue Team☆146Updated 5 months ago
- A collection of content for blue team professionals, designed to support both reactive and proactive cybersecurity measures of every aspe…☆34Updated 2 months ago