bi-zone / triageLinks
A free data collection and YARA scanning tool for cybersecurity incident investigation, compromise assessment and threat hunting
☆16Updated 8 months ago
Alternatives and similar repositories for triage
Users that are interested in triage are comparing it to the libraries listed below
Sorting:
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆125Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆126Updated 5 months ago
- A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing…☆104Updated last year
- ☆103Updated last week
- A tool to remotely detect unusual sessions opened on windows machines using RPC☆115Updated last month
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- A ProcessMonitor visualization application written in rust.☆181Updated last year
- Enterprise Response Model & Common Knowledge☆37Updated 2 weeks ago
- https://lolad-project.github.io/☆78Updated 6 months ago
- A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.☆214Updated 5 months ago
- Active C&C Detector☆155Updated last year
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆153Updated 2 years ago
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆76Updated 2 months ago
- ShellSweeping the evil.☆174Updated 7 months ago
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.☆197Updated this week
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …☆143Updated 4 months ago
- An interactive shell to spoof some LOLBins command line☆185Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆151Updated 9 months ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆167Updated 9 months ago
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆34Updated last year
- Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports☆122Updated this week
- A collection of tools, scripts and personal research☆138Updated 2 weeks ago
- A collection of CVEs weaponized by ransomware operators☆118Updated last month
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- ☆148Updated 3 weeks ago
- ☆189Updated last year
- A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.☆176Updated 8 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆124Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆127Updated 2 years ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆172Updated last month