Integrating Sysinternals Autoruns’ logs into Security Onion
☆31Feb 20, 2024Updated 2 years ago
Alternatives and similar repositories for Pertinax
Users that are interested in Pertinax are comparing it to the libraries listed below
Sorting:
- Mirror network traffic from one interface to another on Windows☆25Feb 26, 2020Updated 6 years ago
- ☆11Oct 16, 2022Updated 3 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Jul 23, 2015Updated 10 years ago
- ☆38Aug 27, 2021Updated 4 years ago
- Evolving directions on building the best Open Source Forensics VM☆161Jul 5, 2018Updated 7 years ago
- Process HTTP Pcaps With YARA☆108Jul 29, 2013Updated 12 years ago
- Next major release of sniffMyPackets - Now with added packet loving☆12Mar 19, 2015Updated 10 years ago
- Malware-Analysis-Kit☆14Aug 3, 2015Updated 10 years ago
- ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system☆13Jun 24, 2022Updated 3 years ago
- Bro Intel Feed Linter☆26Aug 30, 2019Updated 6 years ago
- ☆28May 25, 2021Updated 4 years ago
- Import Bro logs from SecurityOnion into Logstash☆15Nov 10, 2015Updated 10 years ago
- irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…☆14Mar 25, 2015Updated 10 years ago
- Simple web app for displaying cowrie data in your browser☆12Jun 2, 2016Updated 9 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- MalwareAnalysis☆12Dec 19, 2020Updated 5 years ago
- Analyst tool for creating pivot maps of data sources☆16Sep 11, 2017Updated 8 years ago
- An informational repo about hunting for adversaries in your IT environment.☆14Apr 10, 2017Updated 8 years ago
- Presentation Slides and Resources☆16Jun 12, 2024Updated last year
- Run Velociraptor on Security Onion☆40Jul 27, 2022Updated 3 years ago
- defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events☆17Apr 19, 2023Updated 2 years ago
- A set of tools and procedures for automating NSM and NIDS deployments in AWS☆15Oct 16, 2020Updated 5 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warningslists☆14Dec 27, 2017Updated 8 years ago
- Modular command-line threat hunting tool & framework.☆17Jul 20, 2020Updated 5 years ago
- An Inofficial Sysmon Version History (Change Log)☆33Oct 25, 2020Updated 5 years ago
- Create an incident response triage toolkit for use with Windows or Linux.☆18Jun 14, 2020Updated 5 years ago
- Steve McCanne's Sharkfest '21 Talk☆16Oct 12, 2021Updated 4 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Jun 23, 2018Updated 7 years ago
- To parse ugly Microsoft DNS Logs....☆41Jun 8, 2018Updated 7 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- Carve Windows Prefetch files from arbitrary binary data☆16Jun 11, 2017Updated 8 years ago
- Modified edition of cuckoo☆18Feb 14, 2018Updated 8 years ago
- general purpose and malware specific analysis tools☆101Oct 22, 2015Updated 10 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20May 25, 2022Updated 3 years ago
- Threat Box Assessment Tool☆19Aug 15, 2021Updated 4 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Sep 20, 2016Updated 9 years ago
- My personal experience in Threat Hunting and knowledge gained so far.☆19May 27, 2017Updated 8 years ago
- IoC's, PCRE's, YARA's etc☆23Mar 25, 2025Updated 11 months ago
- CRITs - Collaborative Research Into Threats☆21Mar 13, 2019Updated 6 years ago