anelshaer / Remote-Linux-Triage-Collection-using-OSqueryLinks
Remotely collect linux live forensics artifacts.
☆14Updated 3 years ago
Alternatives and similar repositories for Remote-Linux-Triage-Collection-using-OSquery
Users that are interested in Remote-Linux-Triage-Collection-using-OSquery are comparing it to the libraries listed below
Sorting:
- ☆49Updated last week
- AWS EKS Cluster Forensics☆23Updated 4 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆30Updated 2 years ago
- ☆18Updated 4 years ago
- ☆65Updated last year
- Serverless honeytoken 🕵🏻♂️☆80Updated 2 years ago
- Simulates a compromise in a cloud and container environment☆32Updated 9 months ago
- Anvilogic Forge☆107Updated last week
- Fun tools around the EBS Direct API☆19Updated 4 years ago
- pocket guide for core detection engineering concepts☆30Updated 2 years ago
- Automatic detection engineering technical state compliance☆55Updated last year
- ☆30Updated 3 months ago
- Cisco Orbital - Osquery queries by Talos☆135Updated last year
- Rules shared by the community from 100 Days of YARA 2025☆35Updated 8 months ago
- ☆12Updated 3 months ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆163Updated 6 months ago
- Tool for obfuscating and deobfuscating data.☆72Updated last year
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆28Updated 3 years ago
- A python script to acquire multiple aws ec2 instances in a forensically sound-ish way☆38Updated 3 years ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆29Updated 2 years ago
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆117Updated last year
- Short deep dive into Threat Hunting on AWS☆13Updated last year
- Open-source Fabric templates for cybersecurity and compliance☆21Updated 8 months ago
- Lightweight Python-Based Malware Analysis Pipeline☆35Updated last week
- defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events☆16Updated 2 years ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more☆22Updated last week
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l…☆28Updated 3 months ago
- Modron - Cloud security compliance☆34Updated 9 months ago
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 4 years ago
- Repository that contains a set of purposefully erroneous Yara rules.☆59Updated 2 months ago