humpalum / vscode-sigma
☆15Updated last month
Related projects: ⓘ
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆66Updated 10 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆38Updated 2 years ago
- Collection of scripts provided for public use☆28Updated last month
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆22Updated 3 weeks ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆34Updated 9 months ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- ☆28Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆48Updated 5 months ago
- Powershell sandboxing utility☆17Updated this week
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆47Updated last year
- ShellSweeping the evil.☆49Updated 3 months ago
- A pySigma wrapper to manage detection rules.☆16Updated last week
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆18Updated 6 months ago
- YARA rule analyzer to improve rule quality and performance☆93Updated 9 months ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- USN Journal full path builder☆36Updated this week
- ☆19Updated last year
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆57Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 2 weeks ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated last year
- A web scraper to create MISP events and reports☆14Updated last year
- Public tools, scripts or code snippets that can help when working with our products☆46Updated last week
- simple webapp for converting sigma rules into siem queries using the pySigma library☆47Updated last year
- A home for detection content developed by the delivr.to team☆56Updated 2 weeks ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 6 months ago
- my MSTICpy practice and custom tools repository☆11Updated 7 months ago
- Carbon Black TAU Excel 4 Macro Analysis☆36Updated 7 months ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆30Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago