☆172Mar 16, 2026Updated this week
Alternatives and similar repositories for SCRIPTS
Users that are interested in SCRIPTS are comparing it to the libraries listed below
Sorting:
- ☆84Mar 1, 2024Updated 2 years ago
- Bloodhound Portable for Windows☆53Apr 1, 2023Updated 2 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Jul 16, 2019Updated 6 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆30Mar 2, 2021Updated 5 years ago
- ☆29Aug 12, 2021Updated 4 years ago
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆43Nov 27, 2022Updated 3 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆215May 23, 2020Updated 5 years ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆23Dec 18, 2024Updated last year
- Real-time Response scripts and schema☆122Oct 23, 2025Updated 4 months ago
- ☆20Feb 22, 2021Updated 5 years ago
- Collection of YARA signatures from individual research☆44Nov 20, 2023Updated 2 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆14Aug 15, 2022Updated 3 years ago
- A PowerShell incident response script for quick triage☆81Jul 18, 2022Updated 3 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆86Oct 23, 2020Updated 5 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 5 years ago
- Sigma Detection Rule Repository☆92Jun 18, 2020Updated 5 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 3 months ago
- ☆115Jan 31, 2024Updated 2 years ago
- LetMeOutOfYour.net Resources☆21Jul 15, 2020Updated 5 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆92Jan 11, 2021Updated 5 years ago
- An Interactive Pcap Editor (based on Scapy)☆23Oct 11, 2020Updated 5 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆54Jul 13, 2023Updated 2 years ago
- A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit☆240Jul 22, 2021Updated 4 years ago
- Code and yara rules to detect and analyze Cobalt Strike☆272May 5, 2021Updated 4 years ago
- Cisco Orbital - Osquery queries by Talos☆137Aug 23, 2024Updated last year
- A collection of scripts for use with CrowdStrike Falcon RTR☆19Oct 4, 2024Updated last year
- ☆14Oct 24, 2024Updated last year
- An experimental Velociraptor implementation using cloud infrastructure☆26Dec 2, 2025Updated 3 months ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- PowerShell for CrowdStrike's OAuth2 APIs☆464Mar 12, 2026Updated last week
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆42Jun 27, 2021Updated 4 years ago
- Windows login backdoor diagnostic tool☆11Apr 2, 2017Updated 8 years ago
- TrustedSec Sysinternals Sysmon Community Guide☆1,384Feb 10, 2026Updated last month
- MAL-CL (Malicious Command-Line)☆322Jan 10, 2023Updated 3 years ago
- A project to maintain the list of CrowdStrike Falcon IP addressing for use in dynamic objects/lists on firewalls☆23Dec 8, 2021Updated 4 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆921Aug 19, 2021Updated 4 years ago
- Obtain and parse SSL certificates☆86Nov 19, 2021Updated 4 years ago
- ☆33Dec 4, 2022Updated 3 years ago