Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
☆11 · Feb 6, 2025 · Updated last year
Alternatives and similar repositories for sans-dfir-2022
Users interested in sans-dfir-2022 are comparing it to the repositories listed below.
- Jupyter notebooks for threat hunting ☆60 · Apr 7, 2026 · Updated last month
- PowerShell sandboxing utility ☆19 · Mar 2, 2026 · Updated 2 months ago
- This script generates hashes (MD5, SHA1, SHA256), submits the MD5 to VirusTotal, and produces a text file with the results. ☆15 · Jul 13, 2023 · Updated 2 years ago
- Modified cryptsetup to enable password guessing - https://diverto.github.io/2019/11/18/Cracking-LUKS-passphrases ☆18 · Nov 27, 2019 · Updated 6 years ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin… ☆17 · Mar 10, 2023 · Updated 3 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆179 · Mar 2, 2026 · Updated 2 months ago
- A Sigma-based detection pipeline ☆12 · Dec 15, 2023 · Updated 2 years ago
- Help deobfuscate VBScript ☆18 · Jul 1, 2022 · Updated 3 years ago
- Build K3s image using Packer ☆13 · Apr 29, 2026 · Updated last week
- Cyber competition scoring engine ☆17 · Jun 15, 2016 · Updated 9 years ago
- Forensic analysis tool for the Btrfs file system. ☆20 · Aug 6, 2018 · Updated 7 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event… ☆77 · Jul 13, 2021 · Updated 4 years ago
- "Fuzzy matching" for SQLite databases ☆30 · Jun 30, 2020 · Updated 5 years ago
- Quick ESXi log parser ☆31 · Oct 20, 2025 · Updated 6 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆39 · Aug 18, 2022 · Updated 3 years ago
- Registry to JSON. This project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- Wrapper for TSK (The Sleuth Kit) bindings ☆12 · Jan 10, 2023 · Updated 3 years ago
- A threat sighting collects the behavior of a real threat and the observables used during its engagement. ☆12 · Mar 29, 2022 · Updated 4 years ago
- A utility to force DNS queries over DoH via the Cloudflare API when DNS blocking is in place ☆10 · Aug 26, 2018 · Updated 7 years ago
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation. ☆54 · Oct 23, 2024 · Updated last year
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… ☆90 · Sep 16, 2023 · Updated 2 years ago
- Project based on RegRipper, to extract additional value/pivot points from a TLN events file ☆89 · Feb 9, 2025 · Updated last year
- llama is lightgrep's amazing media analyzer ☆16 · Mar 24, 2026 · Updated last month
- Full of public notes and utilities ☆133 · Jan 6, 2026 · Updated 4 months ago
- Parsers for common structures across Windows formats. ☆12 · Aug 23, 2023 · Updated 2 years ago
- Registry timestamp manipulation ☆18 · Feb 26, 2014 · Updated 12 years ago
- Generates a detailed CSV file containing Sigma rule statistics for each service or category, and each level, offering a holistic view of… ☆10 · Dec 22, 2023 · Updated 2 years ago
- A server to connect local Obsidian instances and remote vaults with desktop AI tools like Claude and ChatGPT Desktop ☆22 · Oct 16, 2025 · Updated 6 months ago
- Get intelligence info (tags, MITRE techniques, YARA and more) and find similar malware in a fast and easy way ☆19 · Jun 6, 2022 · Updated 3 years ago
- Zero-dependency Linux memory forensics PoC: leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external d… ☆153 · Apr 30, 2026 · Updated last week
- A collection of Cortex Analyzers and Responders for TheHive/Cortex ☆13 · Jan 29, 2020 · Updated 6 years ago
- Serving files with conditions, server-side keying and more. ☆18 · May 26, 2022 · Updated 3 years ago