guardsight / gsvsoc_mission-model

Related projects ⓘ

Alternatives and complementary repositories for gsvsoc_mission-model

• iknowjason / Velociraptor_Azure
  A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
  ☆20Updated 3 years ago
• ajackal / ir_scripts
  incident response scripts
  ☆18Updated 5 years ago
• dwmetz / PSHero
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆35Updated last year
• chandunsa / IRP
  Incident Response Playbooks
  ☆14Updated 5 years ago
• rj-chap / BaselineTraining
  Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk
  ☆12Updated 5 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• counteractive / incident-response-collector
  ☆14Updated 4 years ago
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆38Updated 4 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• dwmetz / Axiom-PowerShell
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆10Updated 2 months ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆38Updated 6 months ago
• tesorion / TCERT-Cumulonimbus-UAL_Extractor
  Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…
  ☆18Updated last year
• CompassSecurity / Readinizer
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆16Updated last year
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• randomaccess3 / 4n6_stuff
  Git for me to put all my forensics stuff
  ☆21Updated 2 months ago
• jafarspalace / Crowdstrike-Falcon-Scripts
  Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation
  ☆22Updated 3 months ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆70Updated last month
• Shuffle / workflows
  Workflows for Shuffle
  ☆20Updated 2 years ago
• mgreen27 / Invoke-BitsParser
  Sharing my BITS
  ☆12Updated 6 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆19Updated 2 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆24Updated 5 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 3 years ago
• rndmIdi0cy / Menagerie
  Crowdstrike response script containing various functions for IR/triage
  ☆12Updated 3 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 2 years ago
• Starke427 / Windows-Security-Policy
  Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.
  ☆11Updated 4 years ago
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆23Updated 4 months ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 6 months ago
• RoqueNight / DefenderATP-Proactive-Threat-Hunting-Queries-KQL
  List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…
  ☆23Updated 3 years ago
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆49Updated 4 months ago