halpomeranz / LinuxCmdLine
Create lab environment for Linux Command Line course
☆42Updated 2 weeks ago
Related projects: ⓘ
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆96Updated 5 months ago
- Tools for simulating threats☆170Updated 10 months ago
- Windows Malware Investigation Scripts & Docs☆74Updated 5 months ago
- ☆52Updated 3 years ago
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆119Updated this week
- Repository of attack and defensive information for Business Email Compromise investigations☆216Updated 3 weeks ago
- Some important DFIR Resources☆81Updated last year
- Conference presentations☆45Updated 10 months ago
- ☆40Updated 3 months ago
- InsightVM helpful SQL queries☆57Updated 3 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆147Updated 3 months ago
- Backdoors & Breaches: Campaigns. These are short guides to help Incident Captains by giving them game ideas based on actual breaches.☆31Updated 9 months ago
- Dashboard for conducting Backdoors and Breaches sessions over Zoom.☆108Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆113Updated 9 months ago
- ☆50Updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆93Updated 6 months ago
- SentinelOne STAR Rules☆45Updated 10 months ago
- A repository to share publicly available Velociraptor detection content☆115Updated this week
- Repository of SentinelOne Deep Visibility queries.☆116Updated 3 years ago
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆73Updated 2 years ago
- Audit Inspector is a tool for configuring and auditing Windows auditing.☆21Updated last month
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆184Updated 4 years ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆176Updated 2 months ago
- Dashboard for conducting Backdoors and Breaches sessions over Zoom.☆53Updated 2 months ago
- ☆38Updated last year
- A collection of various SIEM rules relating to malware family groups.☆60Updated 3 months ago
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆170Updated last week
- ☆72Updated last month
- Tools to automatically create a SANS index based off the course pdf files.☆70Updated 4 years ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of…☆241Updated 3 years ago