b3b0 / snipehuntLinks
π¦π¬A small PowerShell tool for finding information quickly on malicious IPs or FQDNs. Powershell threat hunting.
β11Updated 5 years ago
Alternatives and similar repositories for snipehunt
Users that are interested in snipehunt are comparing it to the libraries listed below
Sorting:
- Notebooks created to attack and secure Active Directory environmentsβ27Updated 5 years ago
- PowerShell Memory Pulling scriptβ19Updated 10 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whicβ¦β56Updated 7 years ago
- Traceroute improved wrapper for CSIRT and CERT operatorsβ38Updated 9 months ago
- Generic Signature Format for SIEM Systemsβ14Updated 3 years ago
- β30Updated 6 years ago
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.β23Updated 8 years ago
- A few quick recipes for those that do not have much time during the dayβ22Updated 9 months ago
- A collection of hunting and blue team scripts. Mostly others, some my own.β37Updated 2 years ago
- A script to assist in processing forensic RAM captures for malware triageβ27Updated 4 years ago
- β13Updated 5 years ago
- HoneyDB Python Moduleβ13Updated last year
- Audit Powershell and search from known keywords in history #Blueteamβ25Updated 5 years ago
- THOR MITRE ATT&CK Framework Coverageβ24Updated 5 years ago
- An extendable tool to extract and aggregate IoCs from threat feedsβ33Updated last year
- CIRCL system forensic tools or a jumble of tools to support forensicβ42Updated 2 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.β42Updated 4 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.β24Updated last year
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.β34Updated 6 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.β38Updated 3 years ago
- Python parser for Red Canary's Atomic Red Team Yamlsβ27Updated 6 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my blβ¦β55Updated 7 years ago
- Collection of best practices to add OSINT into MISP and/or MISP communitiesβ66Updated last year
- β21Updated 2 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)β52Updated 4 years ago
- My personal experience in Threat Hunting and knowledge gained so far.β19Updated 8 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.β32Updated 5 years ago
- Indicator of Compromise Scanner for CVE-2019-19781β94Updated 5 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.β26Updated 7 years ago
- Tools for parsing Forensic imagesβ41Updated 6 years ago