bittib010 / AjourVolAutolity
A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
☆16 · Aug 19, 2025 · Updated 5 months ago
Alternatives and similar repositories for AjourVolAutolity
Users that are interested in AjourVolAutolity are comparing it to the libraries listed below
- This repository provides a JSON file for all Windows security Event IDs with a lot of useful information (Categories, GPO, Volume, Recomman… ☆11 · Mar 2, 2023 · Updated 2 years ago
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, … ☆24 · Jun 11, 2025 · Updated 8 months ago
- ☆18 · Jun 25, 2024 · Updated last year
- A small security playground implementation of the GHOSTS User Simulation framework with an Active Directory deployment and Elastic. ☆20 · Jul 17, 2024 · Updated last year
- Defeating Anti-Debugging Techniques for Malware Analysis ☆13 · Oct 1, 2022 · Updated 3 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data ☆39 · Mar 23, 2020 · Updated 5 years ago
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries… ☆29 · Aug 4, 2025 · Updated 6 months ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline ☆50 · Oct 20, 2025 · Updated 3 months ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to … ☆27 · Jul 13, 2022 · Updated 3 years ago
- This is the official repository for the Basic Malware Analysis Course ☆20 · Jan 11, 2022 · Updated 4 years ago
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. ☆97 · May 28, 2023 · Updated 2 years ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as … ☆421 · Aug 10, 2025 · Updated 6 months ago
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud. ☆50 · Sep 1, 2023 · Updated 2 years ago
- 100 Days of YARA, to be updated with rules and ideas as the year progresses ☆60 · Jan 18, 2023 · Updated 3 years ago
- Scripts, YARA rules and other files developed during malware investigations ☆27 · Aug 19, 2022 · Updated 3 years ago
- My Malware Analysis Reports ☆25 · May 24, 2022 · Updated 3 years ago
- A Python script developed to process Windows memory images based on triage type. ☆264 · Nov 25, 2023 · Updated 2 years ago
- A Canary which fires when uninstalled ☆34 · Mar 16, 2021 · Updated 4 years ago
- ☆28 · May 25, 2021 · Updated 4 years ago
- Software installation scripts for macOS systems that allow you to set up a Virtual Machine (VM) for reverse engineering macOS malware ☆38 · Jun 26, 2025 · Updated 7 months ago
- Azure Function App to serve as middleware for a logon script solution for cloud-managed devices. ☆15 · Apr 25, 2023 · Updated 2 years ago
- ☆33 · Feb 26, 2022 · Updated 3 years ago
- Living Off the Foreign Land setup scripts ☆74 · Feb 26, 2025 · Updated 11 months ago
- Threat Hunting & Incident Investigation with Osquery ☆216 · Mar 30, 2022 · Updated 3 years ago
- Premantel - A Malware Analysis and Threat Intel Framework ☆36 · Mar 22, 2019 · Updated 6 years ago
- IoT Malware Similarity Analysis Platform ☆45 · Jan 30, 2022 · Updated 4 years ago
- PowerShell module to manage the Entra ID device-bound passkey feature ☆32 · Jun 5, 2024 · Updated last year
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office ☆37 · Mar 15, 2023 · Updated 2 years ago
- ☆84 · Nov 21, 2024 · Updated last year
- PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️ ☆97 · Jan 5, 2026 · Updated last month
- KQL example queries for working in Azure ☆36 · Dec 1, 2025 · Updated 2 months ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at Hack.lu 2019 ☆42 · Oct 23, 2019 · Updated 6 years ago
- Remote access and Antivirus Logging Database ☆45 · Apr 28, 2024 · Updated last year
- Trace ScriptBlock execution for PowerShell v2 ☆40 · Jan 14, 2020 · Updated 6 years ago
- An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations ☆61 · Aug 18, 2025 · Updated 5 months ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆159 · Mar 10, 2025 · Updated 11 months ago
- Threat Hunting queries for Microsoft 365 Defender / XDR. Provides out-of-the-box KQL hunting queries for App, Email, Identity and Endpoint. ☆484 · Nov 22, 2024 · Updated last year
- Windows symbol tables for Volatility 3 ☆92 · Jul 11, 2024 · Updated last year
- ☆94 · Oct 13, 2022 · Updated 3 years ago