cudeso / CSIRT-Jump-Bag
CSIRT Jump Bag
☆27Updated 10 months ago
Alternatives and similar repositories for CSIRT-Jump-Bag:
Users that are interested in CSIRT-Jump-Bag are comparing it to the libraries listed below
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆26Updated 3 months ago
- ☆33Updated 4 months ago
- My Jupyter Notebooks☆36Updated 11 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 3 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆56Updated last month
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆19Updated last year
- Threat Box Assessment Tool☆19Updated 3 years ago
- Recon Hunt Queries☆76Updated 3 years ago
- A script to create and assign SOP tasks into the cases☆19Updated 4 years ago
- Logbook for Digital Forensics and Incident Response☆50Updated 8 months ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆33Updated 3 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- Azure function to insert MISP data in to Azure Sentinel☆31Updated 2 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆12Updated 6 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Threat Hunter's Knowledge Base☆22Updated 3 years ago
- Public Landing Page☆16Updated 2 years ago
- Hunt malware with Volatility☆48Updated 10 months ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆67Updated 2 weeks ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated 2 years ago
- ☆15Updated 4 years ago
- ☆41Updated last year
- Parses KAPE module files and downloads binaries referenced by BinaryURL☆18Updated 5 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated last year
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- The Intelligent Process Lifecycle of Active Cyber Defenders☆31Updated 2 years ago
- Public tools, scripts or code snippets that can help when working with our products☆46Updated last month
- ☆28Updated 4 years ago
- pocket guide for core threat hunting concepts☆23Updated 4 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 2 years ago