aaronst / talksLinks
Presentation materials for talks I've given.
☆20Updated 6 years ago
Alternatives and similar repositories for talks
Users that are interested in talks are comparing it to the libraries listed below
Sorting:
- OSSEM Modular☆27Updated 5 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- SilkETW & SilkService☆40Updated 6 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated 2 years ago
- Repository for my ATT&CK analysis research.☆69Updated 6 years ago
- Crack your macros like the math pros.☆33Updated 8 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 7 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15Updated 6 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆110Updated 6 years ago
- Code and Slides of my BSides London 2019 presentation about Attacker Emulation using CALDERA☆22Updated 6 years ago
- A list of IOCs applicable to PoshC2☆24Updated 5 years ago
- Mass Triage Tools☆20Updated 2 weeks ago
- ☆12Updated 7 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆50Updated 6 years ago
- isodump - ISO dump utility☆41Updated 6 years ago
- Sysmon config for both Windows and Linux Devices. Windows one is a bit dated☆55Updated last year
- Win32 utility for auditing TCP connections☆56Updated 5 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 7 years ago
- Set of utilities for getting information about Windows Events☆15Updated 7 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Updated 7 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Updated 6 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 9 years ago
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆57Updated 3 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Updated 6 years ago
- Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.☆51Updated 6 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- Powershell / C# based cross platform forensic framework based for live incident response☆23Updated 5 years ago