WithSecureLabs / iocs

Related projects ⓘ

Alternatives and complementary repositories for iocs

• 00010111 / gMetaDataParse
  ☆19Updated last year
• edelucia / rules
  Cyber Threats Detection Rules
  ☆13Updated 2 months ago
• Tatsuya-hasegawa / MSTICPy_utils
  my MSTICpy practice and custom tools repository
  ☆11Updated 2 weeks ago
• The-DFIR-Report / cyberchef-recipes
  ☆18Updated 2 years ago
• ydkhatri / jarp
  Just Another broken Registry Parser (JARP)
  ☆16Updated 6 months ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated last month
• lasq88 / socgholish_finder
  ☆14Updated last year
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• cudeso / misp-scraper
  A web scraper to create MISP events and reports
  ☆14Updated last year
• CyberCX-DFIR / usnjrnl_rewind
  USN Journal full path builder
  ☆36Updated 2 months ago
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆49Updated 4 months ago
• AbdulRhmanAlfaifi / CryptnetURLCacheParser
  CryptnetURLCacheParser is a tool to parse CryptAPI cache files
  ☆16Updated 3 months ago
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆37Updated 4 months ago
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆31Updated 2 years ago
• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated last year
• iknowjason / Velociraptor_Azure
  A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
  ☆20Updated 3 years ago
• theflakes / fmd
  Windows file metadata / forensic tool.
  ☆15Updated 2 months ago
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆25Updated 2 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆47Updated 3 weeks ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆27Updated last month
• AndrewRathbun / EventTranscript.db-Research
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆39Updated 2 years ago
• marjatech / threatfox2misp
  Creating a Feed of MISP Events from ThreatFox (by abuse.ch)
  ☆19Updated 3 years ago
• frack113 / sigma_redcanaryco
  Knowing which rule should trigger according to the redcannary test
  ☆10Updated 6 months ago
• tesorion / TCERT-Cumulonimbus-UAL_Extractor
  Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…
  ☆18Updated last year
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆25Updated last year
• stvemillertime / Cerebro
  Scripts and lists to help generate YARA friendly string mutations
  ☆19Updated last year
• ezaspy / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆31Updated last month
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 2 years ago
• joeavanzato / velociraptor-timeline-creator
  VTC - Velociraptor Timeline Creator
  ☆15Updated 6 months ago