cudeso / CSIRT-Jump-Bag
CSIRT Jump Bag
☆26Updated 10 months ago
Alternatives and similar repositories for CSIRT-Jump-Bag:
Users that are interested in CSIRT-Jump-Bag are comparing it to the libraries listed below
- ☆33Updated 5 months ago
- My Jupyter Notebooks☆36Updated last week
- ☆41Updated last year
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆19Updated last year
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 3 years ago
- Threat Hunter's Knowledge Base☆22Updated 3 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆55Updated 2 months ago
- Logbook for Digital Forensics and Incident Response☆50Updated 8 months ago
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆26Updated 3 months ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆12Updated 6 years ago
- Hunt malware with Volatility☆47Updated 10 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 3 years ago
- ☆15Updated 4 years ago
- Azure function to insert MISP data in to Azure Sentinel☆31Updated 2 years ago
- Recon Hunt Queries☆76Updated 3 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated last year
- Parses KAPE module files and downloads binaries referenced by BinaryURL☆18Updated 5 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆67Updated 3 weeks ago
- ☆40Updated 4 years ago
- Random tips and tricks RE: ransomware☆14Updated 3 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆29Updated 9 months ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆34Updated 3 years ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆22Updated 3 months ago
- Collection of scripts provided for public use☆34Updated last week
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated 5 months ago
- Threat Box Assessment Tool☆19Updated 3 years ago
- ☆77Updated 5 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆39Updated 2 years ago