capesstack / capes-docker
Cyber Analytics Platform and Examination System (CAPES) Project Page
☆14Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for capes-docker
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- ☆29Updated 6 years ago
- A few quick recipes for those that do not have much time during the day☆21Updated 3 weeks ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆15Updated 8 years ago
- Git for me to put all my forensics stuff☆21Updated 2 months ago
- Site for IWS book content☆18Updated 6 years ago
- incident response scripts☆18Updated 5 years ago
- pollen - A command-line tool for interacting with TheHive☆34Updated 5 years ago
- ☆12Updated 5 years ago
- Use DNS to hunt for threats including DGAs☆14Updated 8 years ago
- Incident Response Report Using GitHub-Sphinx☆19Updated 5 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Updated 4 years ago
- DNS Dashboard for hunting and identifying beaconing☆14Updated 4 years ago
- ☆13Updated 2 years ago
- Searches for Insider Threat Hunting☆30Updated 5 years ago
- Modular command-line threat hunting tool & framework.☆17Updated 4 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆25Updated 4 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆28Updated 6 years ago
- ☆14Updated 6 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Updated 6 years ago
- ☆34Updated 3 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆23Updated 4 months ago
- Threat Box Assessment Tool☆19Updated 3 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆16Updated 4 years ago