activecm / smudge

Related projects ⓘ

Alternatives and complementary repositories for smudge

• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆67Updated last year
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 6 months ago
• corelight / raspi-corelight
  Corelight@Home script
  ☆40Updated last year
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆38Updated 6 months ago
• ezaspy / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆31Updated 3 weeks ago
• jasonsford / IPScraper
  This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…
  ☆18Updated 2 years ago
• fireeye / CVE-2021-44228
  OpenIOC rules to facilitate hunting for indicators of compromise
  ☆38Updated 2 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆43Updated 6 months ago
• pfpt-andrew / Rapid-Response-Reporting
  RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…
  ☆36Updated 2 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆14Updated 4 years ago
• jafarspalace / Crowdstrike-Falcon-Scripts
  Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation
  ☆22Updated 3 months ago
• vadim-hunter / Threat-Hunters-KB
  Threat Hunter's Knowledge Base
  ☆22Updated 2 years ago
• SigmaHQ / pySigma-backend-crowdstrike
  SigmaHQ pySigma CrowdStrike processing pipeline
  ☆21Updated last month
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆34Updated 2 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆19Updated 2 years ago
• corelight / threat-hunting-guide
  ☆46Updated 2 years ago
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 7 months ago
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 2 years ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆93Updated 3 years ago
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 2 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆86Updated this week
• activecm / pcap-stats
  Learn about a network from a pcap file or reading from an interface
  ☆27Updated 7 months ago
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆56Updated last week
• weslambert / securityonion-misp
  ☆34Updated 3 years ago
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆49Updated 4 months ago
• clausing / scripts
  ☆43Updated last month
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆65Updated 8 months ago