bruneaug / DShield-SIEM
DShield Sensor Log Collection with ELK
☆18Updated this week
Related projects ⓘ
Alternatives and complementary repositories for DShield-SIEM
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.☆22Updated 6 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆59Updated 3 weeks ago
- ☆19Updated last year
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆18Updated last year
- VTC - Velociraptor Timeline Creator☆15Updated 6 months ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆15Updated last year
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆22Updated 3 months ago
- ReWrite of AChoir in Go for Cross Platform☆35Updated last week
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆14Updated 4 years ago
- ESXi Cyber Security Incident Response Script☆20Updated 2 months ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆24Updated 4 months ago
- Linux Baseline and Forensic Triage Tool - BETA☆50Updated 2 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 3 weeks ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆35Updated last year
- Initial triage of Windows Event logs☆89Updated 5 months ago
- ShellSweeping the evil.☆52Updated 5 months ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 2 weeks ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 2 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- A MITRE ATT&CK Lookup Tool☆43Updated 6 months ago
- ☆57Updated 3 weeks ago
- Remote access and Antivirus Logging Database☆41Updated 6 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated last month
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆49Updated last year
- Logbook for Digital Forensics and Incident Response☆49Updated 4 months ago
- Public tools, scripts or code snippets that can help when working with our products☆46Updated 2 months ago
- ☆24Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆28Updated this week