StevenD33 / Lab-DFIR-SOCLinks
☆70Updated 4 years ago
Alternatives and similar repositories for Lab-DFIR-SOC
Users that are interested in Lab-DFIR-SOC are comparing it to the libraries listed below
Sorting:
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆106Updated 3 years ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- Blueteam operational triage registry hunting/forensic tool.☆150Updated last month
- IOC Collection 2022☆57Updated 2 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆156Updated 3 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆170Updated 3 years ago
- Simple PowerShell script to enable process scanning with Yara.☆96Updated 3 years ago
- ☆88Updated 2 months ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆135Updated last year
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- ☆96Updated 5 months ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆87Updated 3 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- Active Directory Purple Team Playbook☆113Updated 2 years ago
- Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.☆27Updated 2 years ago
- Carbon Black Response IR tool☆55Updated 4 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆207Updated 3 years ago
- Active C2 IoCs☆99Updated 2 years ago
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆157Updated 2 years ago
- Initial triage of Windows Event logs☆102Updated last year
- Placeholder for my detection repo and misc detection engineering content☆42Updated 2 years ago
- ☆33Updated last year
- Library of threat hunts to get any user started!☆45Updated 5 years ago
- Blue Team detection lab created with Terraform and Ansible in Azure.☆166Updated 11 months ago
- ☆44Updated 3 months ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆78Updated 4 years ago
- Harvest Linux forensic data for operational triage of an event.☆51Updated last year
- ☆28Updated 4 years ago
- Linux Evidence Acquisition Framework☆118Updated last year
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆69Updated 2 weeks ago