☆172Feb 19, 2026Updated last week
Alternatives and similar repositories for SCRIPTS
Users that are interested in SCRIPTS are comparing it to the libraries listed below
Sorting:
- ☆84Mar 1, 2024Updated last year
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆43Nov 27, 2022Updated 3 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Jul 16, 2019Updated 6 years ago
- Bloodhound Portable for Windows☆53Apr 1, 2023Updated 2 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆30Mar 2, 2021Updated 4 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆215May 23, 2020Updated 5 years ago
- ☆29Aug 12, 2021Updated 4 years ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆23Dec 18, 2024Updated last year
- Real-time Response scripts and schema☆122Oct 23, 2025Updated 4 months ago
- Collection of YARA signatures from individual research☆44Nov 20, 2023Updated 2 years ago
- A PowerShell incident response script for quick triage☆81Jul 18, 2022Updated 3 years ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆92Jan 11, 2021Updated 5 years ago
- LetMeOutOfYour.net Resources☆21Jul 15, 2020Updated 5 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 4 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆54Jul 13, 2023Updated 2 years ago
- ☆14Oct 24, 2024Updated last year
- Ansible scripts to build an attack box☆24Sep 24, 2018Updated 7 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆341Dec 3, 2025Updated 2 months ago
- An Interactive Pcap Editor (based on Scapy)☆23Oct 11, 2020Updated 5 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆84Oct 23, 2020Updated 5 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆14Aug 15, 2022Updated 3 years ago
- A cover story generator for people who Need Quick Covers On Operations☆13May 17, 2020Updated 5 years ago
- Sigma Detection Rule Repository☆92Jun 18, 2020Updated 5 years ago
- ☆20Feb 22, 2021Updated 5 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆26Dec 2, 2025Updated 2 months ago
- ☆115Jan 31, 2024Updated 2 years ago
- Windows login backdoor diagnostic tool☆11Apr 2, 2017Updated 8 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- Code and yara rules to detect and analyze Cobalt Strike☆272May 5, 2021Updated 4 years ago
- A project to maintain the list of CrowdStrike Falcon IP addressing for use in dynamic objects/lists on firewalls☆23Dec 8, 2021Updated 4 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit☆240Jul 22, 2021Updated 4 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- PowerShell for CrowdStrike's OAuth2 APIs☆455Feb 12, 2026Updated 2 weeks ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆804Jan 14, 2026Updated last month
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- D/Invoke port of UrbanBishop☆30Dec 13, 2020Updated 5 years ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago