b3b0 / snipehunt
A small PowerShell tool for quickly finding information on malicious IPs or FQDNs. PowerShell threat hunting.
11 stars · Updated 5 years ago
Alternatives and similar repositories for snipehunt
Users interested in snipehunt are comparing it to the repositories listed below.
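As an added example (this is not snipehunt's own code), the kind of quick per-indicator lookup the description refers to, written as a PowerShell pipeline function: it refangs an indicator as analysts usually share it (`hxxp://`, `[.]`), classifies it as IPv4, IPv6 or FQDN, skips external lookups for RFC 1918/loopback/link-local addresses, does forward or reverse DNS with the .NET `System.Net.Dns` class, and checks the indicator (and, for a hostname, the addresses it resolves to) against a local blocklist. The function names, the blocklist and the sample indicators are assumptions made for this example; the sample values use documentation ranges (RFC 5737, RFC 2606, RFC 3849) and are not real threat data.

```powershell
# Added example, not snipehunt's code. Assumes Windows PowerShell 5.1 or PowerShell 7
# with the .NET System.Net.Dns class available; needs network access for the DNS steps.

function ConvertFrom-Defang {
    # Analysts share IoCs defanged ("hxxp://", "bad[.]example[.]net"); normalise before lookup.
    param([Parameter(Mandatory)][string]$Indicator)
    $s = $Indicator.Trim().ToLowerInvariant()
    $s = $s -replace '^hxxps?://', '' -replace '^https?://', ''   # drop a (defanged) scheme
    $s = $s -replace '\[\.\]|\(\.\)|\{\.\}', '.'                    # [.] (.) {.} -> .
    return ($s -split '/')[0]                                        # drop any path
}

function Get-IndicatorType {
    param([Parameter(Mandatory)][string]$Indicator)
    $ip = $null
    # Require dotted-quad form first: IPAddress.TryParse accepts shorthand like "12".
    if ($Indicator -match '^(\d{1,3}\.){3}\d{1,3}$' -and
        [System.Net.IPAddress]::TryParse($Indicator, [ref]$ip)) { return 'IPv4' }
    if ($Indicator.Contains(':') -and [System.Net.IPAddress]::TryParse($Indicator, [ref]$ip)) { return 'IPv6' }
    # Hostname: dotted labels of letters, digits and hyphens, alphabetic TLD.
    if ($Indicator -match '^(?=.{1,253}$)([a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$') { return 'FQDN' }
    return 'Unknown'
}

function Test-NonRoutableIPv4 {
    # RFC 1918 private ranges, loopback and link-local: an external lookup on these is noise.
    param([Parameter(Mandatory)][string]$Ip)
    $o = $Ip.Split('.') | ForEach-Object { [int]$_ }
    return ($o[0] -eq 10) -or ($o[0] -eq 127) -or ($o[0] -eq 169 -and $o[1] -eq 254) -or
           ($o[0] -eq 172 -and $o[1] -ge 16 -and $o[1] -le 31) -or ($o[0] -eq 192 -and $o[1] -eq 168)
}

function Invoke-IocLookup {
    param(
        [Parameter(Mandatory, ValueFromPipeline)][string]$Indicator,
        [string[]]$Blocklist = @()    # hypothetical local blocklist of IPs and hostnames
    )
    process {
        $ind  = ConvertFrom-Defang $Indicator
        $type = Get-IndicatorType $ind
        $result = [ordered]@{
            Indicator   = $ind
            Type        = $type
            OnBlocklist = ($Blocklist -contains $ind)
            Resolved    = $null
            Note        = $null
        }
        switch ($type) {
            'IPv4' {
                if (Test-NonRoutableIPv4 $ind) {
                    $result.Note = 'non-routable address; external lookups skipped'
                } else {
                    try   { $result.Resolved = ([System.Net.Dns]::GetHostEntry($ind)).HostName }   # PTR
                    catch { $result.Note = "no PTR record: $($_.Exception.Message)" }
                }
            }
            'FQDN' {
                try {
                    $addrs = [System.Net.Dns]::GetHostAddresses($ind) | ForEach-Object { $_.ToString() }
                    $result.Resolved = $addrs -join ','
                    # A clean-looking hostname may resolve to an address that is already blocklisted.
                    if ($addrs | Where-Object { $Blocklist -contains $_ }) {
                        $result.OnBlocklist = $true
                        $result.Note = 'resolves to a blocklisted address'
                    }
                } catch { $result.Note = "NXDOMAIN or lookup failed: $($_.Exception.Message)" }
            }
            'IPv6'  { $result.Note = 'IPv6 lookups not implemented in this example' }
            default { $result.Note = 'not an IP address or hostname after normalisation' }
        }
        [pscustomobject]$result
    }
}

# Constructed sample data (documentation ranges), not real IoCs.
$SampleBlocklist = @('198.51.100.23', 'bad.example.net')
'hxxp://bad[.]example[.]net/payload.exe', '198.51.100.23', '10.0.0.5', 'example.com', '2001:db8::1' |
    Invoke-IocLookup -Blocklist $SampleBlocklist | Format-Table -AutoSize
```

The refang step comes first deliberately: an indicator pasted from a report as `bad[.]example[.]net` would otherwise classify as `Unknown` and silently miss a blocklist hit. The non-routable check matters for the same reason in the other direction: reverse-resolving `10.0.0.5` against a public resolver tells you nothing about the incident and leaks internal addressing.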
- PowerShell Memory Pulling script · 19 stars · Updated 10 years ago
- Repo of Python/Bash scripts for identifying IoCs in threat feeds and other online tools · 27 stars · Updated 4 years ago
- A script to assist in processing forensic RAM captures for malware triage · 27 stars · Updated 4 years ago
- Quick & Dirty DFIR scripts developed by the Ebryx DFIR team to keep handy during field assignments · 14 stars · Updated 3 weeks ago
- Incident response scripts · 19 stars · Updated 6 years ago
- Sharing threat hunting runbooks · 26 stars · Updated 6 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl… · 55 stars · Updated 7 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic… · 56 stars · Updated 7 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos. · 26 stars · Updated 7 years ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response. · 38 stars · Updated 3 years ago
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text-based logs. · 23 stars · Updated 8 years ago
- Scripts I have made for blue team · 16 stars · Updated 7 years ago
- Windows Security Logging · 43 stars · Updated 2 years ago
- These are some of the commands which I use frequently during malware analysis and DFIR. · 24 stars · Updated last year
- A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns by leveraging Windows Events and Sys… · 12 stars · Updated 8 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds · 33 stars · Updated last year
- A collection of hunting and blue team scripts. Mostly others', some my own. · 37 stars · Updated 2 years ago
- HoneyDB Python module · 13 stars · Updated last year
- Notebooks created to attack and secure Active Directory environments · 27 stars · Updated 5 years ago
- Reference sheet for the Threat Hunting Professional course · 25 stars · Updated 6 years ago
- PowerShell collection designed to assist in threat hunting Windows systems. · 27 stars · Updated 7 years ago
- A few quick recipes for those that do not have much time during the day · 22 stars · Updated 8 months ago
- Python parser for Red Canary's Atomic Red Team YAMLs · 27 stars · Updated 6 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. · 32 stars · Updated 5 years ago
- Git for me to put all my forensics stuff · 22 stars · Updated 5 months ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project. · 34 stars · Updated 6 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser · 23 stars · Updated 4 years ago