AWS EKS Cluster Forensics
☆23 · Aug 16, 2021 · Updated 4 years ago
Alternatives and similar repositories for AWS_EKS_Cluster_Forensics
- Simulates a compromise in a cloud and container environment (☆34, Dec 18, 2024, updated last year)
- (☆24, Aug 30, 2019, updated 6 years ago)
- Help deobfuscate VBScript (☆18, Jul 1, 2022, updated 3 years ago)
- Wrapper for TSK (Sleuth Kit) Bindings (☆12, Jan 10, 2023, updated 3 years ago)
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" (☆11, Feb 6, 2025, updated last year)
- Parsers for common structures across windows formats. (☆12, Aug 23, 2023, updated 2 years ago)
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. (☆12, Aug 26, 2024, updated last year)
- Demo application using GitOps best practices with Flux (☆13, Nov 29, 2021, updated 4 years ago)
- my MSTICpy practice and custom tools repository (☆11, Apr 23, 2025, updated 10 months ago)
- NTFS Security Descriptor Stream ($Secure:$SDS) parser (☆14, Jan 9, 2023, updated 3 years ago)
- Indicators of Normality (☆11, Jul 22, 2022, updated 3 years ago)
- Registry to JSON. This Project is for learning purposes and is not maintained. (☆12, Dec 28, 2021, updated 4 years ago)
- (☆13, Feb 6, 2018, updated 8 years ago)
- Converts Sigma detection rules to a Splunk alert configuration. (☆12, Jul 1, 2021, updated 4 years ago)
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data (☆13, Jul 16, 2019, updated 6 years ago)
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit. (☆13, Sep 9, 2020, updated 5 years ago)
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. (☆37, Jul 11, 2023, updated 2 years ago)
- LNK to JSON (☆14, Mar 7, 2019, updated 6 years ago)
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk (☆14, Mar 4, 2019, updated 7 years ago)
- (☆12, Jun 3, 2022, updated 3 years ago)
- DFORC2 is a cloud-based digital forensics platform, developed at the RAND Corporation and backed by Autopsy and The Sleuth Kit. This repo… (☆13, Jul 9, 2020, updated 5 years ago)
- Cybersecurity Incidents Mind Maps (☆34, Sep 29, 2021, updated 4 years ago)
- A rewrite of mactime, a bodyfile reader (☆39, Aug 5, 2024, updated last year)
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆69, Mar 17, 2024, updated last year)
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga… (☆15, May 18, 2019, updated 6 years ago)
- (☆17, Jan 21, 2026, updated last month)
- A small tool to easily mount APFS image on macOS for forensics. (☆16, Jul 30, 2020, updated 5 years ago)
- (☆19, Aug 6, 2021, updated 4 years ago)
- Fun tools around the EBS Direct API (☆19, Apr 16, 2021, updated 4 years ago)
- ConventionEngine - A Yara Rulepack for PDB Path Hunting (☆37, Mar 15, 2023, updated 2 years ago)
- A DFVFS Backed Forensic Viewer (☆42, Apr 13, 2020, updated 5 years ago)
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) (☆68, Sep 13, 2023, updated 2 years ago)
- Python web app for previewing data in a Chrome Profile Folder (☆23, Jul 1, 2024, updated last year)
- Get USB Devices from Registry hives (☆22, Nov 15, 2021, updated 4 years ago)
- Python bindings for https://github.com/omerbenamram/mft (☆23, Dec 23, 2025, updated 2 months ago)
- isodump - ISO dump utility (☆41, Jun 9, 2019, updated 6 years ago)
- (☆22, Jan 31, 2023, updated 3 years ago)
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs. (☆17, Feb 1, 2021, updated 5 years ago)
- (☆21, May 8, 2022, updated 3 years ago)