anelshaer / Remote-Linux-Triage-Collection-using-OSquery
Remotely collect linux live forensics artifacts.
☆13 · Updated 2 years ago
Related projects
Alternatives and complementary repositories for Remote-Linux-Triage-Collection-using-OSquery
- AWS EKS Cluster Forensics ☆22 · Updated 3 years ago
- This repository contains generated contextual data utilized by pyattck. ☆17 · Updated 4 months ago
- ☆37 · Updated 2 months ago
- Fun tools around the EBS Direct API ☆18 · Updated 3 years ago
- ☆17 · Updated 3 years ago
- Stupid Simple Detection Testing ☆11 · Updated 8 months ago
- Automatic detection engineering technical state compliance ☆50 · Updated 4 months ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response. ☆25 · Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆27 · Updated last month
- Simulates a compromise in a cloud and container environment ☆32 · Updated 2 years ago
- ☆66 · Updated 6 months ago
- defendA Data Lake. A firehose pipeline to Athena providing enrichment and normalization for security events ☆16 · Updated last year
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. ☆26 · Updated last year
- Pocket guide for core detection engineering concepts ☆27 · Updated last year
- Repository that contains a set of purposefully erroneous Yara rules. ☆48 · Updated 10 months ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan ☆28 · Updated 2 years ago
- ☆23 · Updated 2 weeks ago
- Recon Hunt Queries ☆75 · Updated 3 years ago
- Cisco Orbital - Osquery queries by Talos ☆123 · Updated 2 months ago
- The core backend server handling API requests and task management ☆31 · Updated 2 weeks ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆66 · Updated last week
- Automated detection rule analysis utility ☆29 · Updated 2 years ago
- Anvilogic Forge ☆86 · Updated last week
- Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow) ☆43 · Updated 2 years ago
- Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets ☆32 · Updated 6 months ago
- Can you pay the ransom in your country? ☆14 · Updated 11 months ago
- ☆24 · Updated 2 weeks ago
- CyCAT.org API back-end server including crawlers ☆30 · Updated last year
- Library of threat hunts to get any user started! ☆40 · Updated 4 years ago
- Knowledge Report Alert & Normalization Generator ☆27 · Updated 8 months ago