Terraform stack to deploy ELK Threat Hunting on Amazon AWS.
☆88Aug 15, 2019Updated 6 years ago
Alternatives and similar repositories for argos
Users that are interested in argos are comparing it to the libraries listed below
Sorting:
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications☆13Apr 20, 2018Updated 7 years ago
- Konrads' Pen-Ultimate (Windows) Log File Parser☆14Dec 27, 2025Updated 2 months ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- ☆23May 7, 2021Updated 4 years ago
- ☆18Feb 14, 2019Updated 7 years ago
- Get USB Devices from Registry hives☆22Nov 15, 2021Updated 4 years ago
- Basic Anomaly IDS capabilities with Python and Bro☆105Feb 27, 2018Updated 8 years ago
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 8 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Jul 18, 2018Updated 7 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Nov 7, 2017Updated 8 years ago
- Comprehensive Pivoting Framework☆20Sep 20, 2016Updated 9 years ago
- A Pythonic wrapper to MassDNS☆24Mar 21, 2018Updated 7 years ago
- Discover USB device history for a specific user☆23Dec 28, 2015Updated 10 years ago
- Dynamic DNS Update Bruteforce Tool☆29Feb 8, 2017Updated 9 years ago
- ☆12Nov 16, 2021Updated 4 years ago
- An updated C# port of X-Ways X-Tensions API.☆11Mar 12, 2018Updated 7 years ago
- ☆13Aug 11, 2018Updated 7 years ago
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.☆10Sep 28, 2020Updated 5 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Assess certain AWS network configurations☆12Aug 22, 2018Updated 7 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- Powershell Threat Hunting Module☆290Sep 21, 2016Updated 9 years ago
- Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…☆22Jul 14, 2019Updated 6 years ago
- Assorted classes and methods for indexing reports and retrieving information from an elastic index☆21Jul 5, 2016Updated 9 years ago
- An information security preparedness tool to do adversarial simulation.☆1,137Apr 1, 2019Updated 6 years ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆116Jan 8, 2025Updated last year
- Edited version of Lee Christensen's Get-NetworkConnection which includes timestamp for each network connection☆36Mar 14, 2018Updated 7 years ago
- Generate ATT&CK Navigator layer file from PowerShell Empire agent logs☆48Sep 4, 2018Updated 7 years ago
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- Ruby On Rails unrestricted render() exploit☆16Feb 9, 2018Updated 8 years ago
- Welcome to Autoaudit, a log tampering detection tool.☆13Mar 19, 2024Updated last year
- A dedicated repo to interact with the API of Timesketch☆12Sep 17, 2021Updated 4 years ago
- A Terraform module for deploying Sonarqube.☆12Nov 4, 2025Updated 4 months ago
- Terraform that builds an EKK logging stack☆12Mar 21, 2018Updated 7 years ago
- Threat hunting with Sysmon and ArangoDB Graphs☆12Apr 16, 2020Updated 5 years ago
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs☆13May 21, 2018Updated 7 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Oct 31, 2018Updated 7 years ago