A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
(☆16, Aug 19, 2025, updated 6 months ago)
Alternatives and similar repositories for AjourVolAutolity
Users that are interested in AjourVolAutolity are comparing it to the libraries listed below
- A tool to create randomly insecure file shares that also contain unsecured credential files (☆49, Feb 16, 2026, updated 2 weeks ago)
- This repository provides a JSON file for all Windows security Event IDs with a lot of useful information (Categories, GPO, Volume, Recomman… (☆11, Mar 2, 2023, updated 3 years ago)
- Advanced shellcode injector for images; supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, … (☆25, Jun 11, 2025, updated 8 months ago)
- (☆18, Jun 25, 2024, updated last year)
- A small security playground implementation of the GHOSTS User Simulation framework with an Active Directory deployment and Elastic. (☆20, Jul 17, 2024, updated last year)
- Defeating Anti-Debugging Techniques for Malware Analysis (☆12, Oct 1, 2022, updated 3 years ago)
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries… (☆29, Aug 4, 2025, updated 7 months ago)
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data (☆39, Mar 23, 2020, updated 5 years ago)
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to … (☆27, Jul 13, 2022, updated 3 years ago)
- This is the official repository for the Basic Malware Analysis Course (☆20, Jan 11, 2022, updated 4 years ago)
- A Jupyter notebook to assist with the analysis of the output generated by the Volatility memory extraction framework. (☆97, May 28, 2023, updated 2 years ago)
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud. (☆50, Sep 1, 2023, updated 2 years ago)
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as … (☆432, Feb 18, 2026, updated 2 weeks ago)
- 100 Days of YARA, to be updated with rules and ideas as the year progresses (☆60, Jan 18, 2023, updated 3 years ago)
- Ghidra script for extracting embedded Rust crate dependency strings from a compiled Rust binary (☆36, Aug 9, 2022, updated 3 years ago)
- My Malware Analysis Reports (☆25, May 24, 2022, updated 3 years ago)
- Scripts, YARA rules and other files developed during malware investigations (☆27, Aug 19, 2022, updated 3 years ago)
- A Python script developed to process Windows memory images based on triage type. (☆266, Nov 25, 2023, updated 2 years ago)
- A Canary which fires when uninstalled (☆34, Mar 16, 2021, updated 4 years ago)
- DFIR Timeline Analysis for macOS: SQLite-backed viewer for CSV, TSV, XLSX, EVTX, and Plaso files with built-in process inspection, later… (☆136, updated this week)
- Software installation scripts for macOS systems that allow you to set up a Virtual Machine (VM) for reverse engineering macOS malware (☆38, Feb 24, 2026, updated last week)
- Azure Function App to serve as middleware for a logon script solution for cloud-managed devices. (☆15, Apr 25, 2023, updated 2 years ago)
- Lightweight macOS detection agent built on Santa's Endpoint Security telemetry. (☆105, Dec 3, 2025, updated 3 months ago)
- (☆33, Feb 26, 2022, updated 4 years ago)
- Living Off the Foreign Land setup scripts (☆74, Feb 26, 2025, updated last year)
- IoT Malware Similarity Analysis Platform (☆45, Jan 30, 2022, updated 4 years ago)
- PowerShell module to manage the Entra ID device-bound passkey feature (☆33, Jun 5, 2024, updated last year)
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office (☆37, Mar 15, 2023, updated 2 years ago)
- PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️ (☆96, Jan 5, 2026, updated 2 months ago)
- (☆84, Nov 21, 2024, updated last year)
- KQL example queries for working in Azure (☆36, Dec 1, 2025, updated 3 months ago)
- Simple PowerShell script to enable process scanning with YARA. (☆98, Oct 4, 2022, updated 3 years ago)
- An HTA application which builds Azure (Entra) scenarios for Red Team simulations (☆61, Aug 18, 2025, updated 6 months ago)
- Remote access and Antivirus Logging Database (☆45, Apr 28, 2024, updated last year)
- Trace ScriptBlock execution for PowerShell v2 (☆40, Jan 14, 2020, updated 6 years ago)
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at Hack.lu 2019 (☆42, Oct 23, 2019, updated 6 years ago)
- SIEGMA: Transform Sigma rules into SIEM consumables (☆159, Mar 10, 2025, updated 11 months ago)
- Threat Hunting queries in Microsoft 365 Defender / XDR. Provides out-of-the-box KQL hunting queries for App, Email, Identity and Endpoint. (☆485, Nov 22, 2024, updated last year)
- Windows symbol tables for Volatility 3 (☆93, Jul 11, 2024, updated last year)