These are some of the commands which I use frequently during Malware Analysis and DFIR.
☆24Jan 8, 2024Updated 2 years ago
Alternatives and similar repositories for cheatsheet
Users that are interested in cheatsheet are comparing it to the libraries listed below
Sorting:
- Web interface for monitoring and interacting with Netflow data stored in Silk repositories.☆13Mar 24, 2019Updated 6 years ago
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 4 years ago
- Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.☆16May 21, 2021Updated 4 years ago
- Exploit for win10 SMB3.1☆18Apr 5, 2020Updated 5 years ago
- My Jupyter Notebooks☆36Mar 14, 2025Updated 11 months ago
- A repository to host emojis used in the Digital Forensics Discord Server☆18May 28, 2022Updated 3 years ago
- A reimplementation of the EtherApe style display for OS X. Note that this is not a fork of EtherApe. Written in a kinder, gentler, age …☆21Dec 3, 2018Updated 7 years ago
- This repository contains Splunk queries to hunt some anomalies☆46Jul 28, 2022Updated 3 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- Tool to convert SDDL to readable text☆43Apr 25, 2018Updated 7 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41May 3, 2021Updated 4 years ago
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55May 18, 2019Updated 6 years ago
- Learning volatility plugins.☆19Feb 16, 2021Updated 5 years ago
- Script en Bash que automatiza todos los pasos para retransmitir la solicitud de autenticación SMB con el objetivo de obtener una Shell.☆23Jul 16, 2025Updated 7 months ago
- A tool for simplifying the process of researching IOCs.☆25Sep 24, 2021Updated 4 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆46Jan 2, 2022Updated 4 years ago
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.☆135Jul 25, 2019Updated 6 years ago
- Michael Melone's Kusto Query library☆20Nov 17, 2023Updated 2 years ago
- A windows hardening script that makes it difficult to compromise a Windows device. Only for use during Blue-Team Competitions.☆29Jul 26, 2024Updated last year
- A powershell parser for https://github.com/ufrisk/MemProcFS☆45May 12, 2021Updated 4 years ago
- ☆96May 5, 2025Updated 9 months ago
- This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode☆27Jun 25, 2024Updated last year
- Defensive-oriented Active Directory enumeration☆23Jan 22, 2016Updated 10 years ago
- Linux Baseline and Forensic Triage Tool - BETA☆57Sep 8, 2022Updated 3 years ago
- A collection of scripts, tools. and configs for various OS'es and applications, all free and or open-source, to assist in impromptu Blue-…☆104Jul 26, 2024Updated last year
- Wiki-like CTF write-ups repository, maintained by the community. 2016☆20Feb 10, 2025Updated last year
- Notebooks created to attack and secure Active Directory environments☆27Nov 18, 2019Updated 6 years ago
- ☆21Jan 13, 2022Updated 4 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- ☆11Nov 13, 2024Updated last year
- Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.☆103Jul 26, 2020Updated 5 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago
- JPCERT/CC public YARA rules repository☆109Nov 14, 2025Updated 3 months ago
- An open source project aimed to replicate the Windows SIFT Machine and tools used during SANS Courses minus any payware software.☆25Oct 18, 2023Updated 2 years ago
- General Content☆25Dec 23, 2025Updated 2 months ago
- Tools to automate AWS Cloud security assessments☆24Mar 26, 2020Updated 5 years ago
- Network security visualization tool, showcasing live traffic between internal and external hosts in a real-time visualization.☆27Apr 11, 2023Updated 2 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆76Jan 19, 2026Updated last month
- Dettectinator - The Python library to your DeTT&CT YAML files.☆118Jan 22, 2026Updated last month