StevenD33 / Lab-DFIR-SOCLinks
☆69Updated 4 years ago
Alternatives and similar repositories for Lab-DFIR-SOC
Users that are interested in Lab-DFIR-SOC are comparing it to the libraries listed below
Sorting:
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆106Updated 3 years ago
- Blueteam operational triage registry hunting/forensic tool.☆149Updated last month
- IOC Collection 2022☆57Updated 2 years ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆170Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆98Updated 3 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆156Updated 3 years ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆135Updated last year
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆87Updated 3 years ago
- Active C2 IoCs☆99Updated 2 years ago
- Carbon Black Response IR tool☆54Updated 4 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- A GUI to query the API of abuse.ch.☆70Updated 3 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆204Updated 3 years ago
- ☆33Updated last year
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆78Updated 4 years ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆157Updated 2 years ago
- ☆96Updated 4 months ago
- Initial triage of Windows Event logs☆102Updated last year
- ☆27Updated 4 years ago
- Blue Team detection lab created with Terraform and Ansible in Azure.☆162Updated 10 months ago
- Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.☆27Updated 2 years ago
- Active Directory Purple Team Playbook☆112Updated 2 years ago
- Library of threat hunts to get any user started!☆45Updated 5 years ago
- My conference presentations☆83Updated last month
- Picus Labs☆44Updated 4 years ago
- Linux Evidence Acquisition Framework☆119Updated last year
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape☆114Updated 3 years ago
- BlueBox Malware analysis Box and Cyber threat intelligence.☆43Updated 3 years ago