A dataset with CloudTrail events from an attack simulation using Stratus.
☆25Jul 12, 2023Updated 2 years ago
Alternatives and similar repositories for aws_dataset
Users that are interested in aws_dataset are comparing it to the libraries listed below
Sorting:
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 4 months ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated last year
- ☆11Dec 9, 2025Updated 2 months ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆58Jun 7, 2022Updated 3 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- ☆21Nov 19, 2025Updated 3 months ago
- llama is lightgrep's amazing media analyzer☆16Oct 28, 2025Updated 4 months ago
- A Rust library for parsing and evaluating Sigma rules☆19Nov 26, 2025Updated 3 months ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- ☆23Oct 9, 2024Updated last year
- Programming Microsoft Sentinel book☆25Dec 13, 2023Updated 2 years ago
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 4 months ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- ☆24Aug 30, 2019Updated 6 years ago
- An ongoing collection of of AWS tools, frameworks, libraries, learning tutorials for InfoSec and security professionals☆23Dec 16, 2021Updated 4 years ago
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic☆308Jan 6, 2023Updated 3 years ago
- Sample evtx files to use for testing hayabusa detection rules☆65Nov 5, 2025Updated 4 months ago
- Jupyter notebooks for threat hunting☆60Mar 26, 2025Updated 11 months ago
- ☆26Aug 20, 2025Updated 6 months ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆27Jun 3, 2018Updated 7 years ago
- Forensic framework to build tools that can be reused in multiple projects without changing anything☆31Oct 17, 2025Updated 4 months ago
- Windows Event Log Knowledge Base☆31Dec 23, 2025Updated 2 months ago
- Windows event log anomaly detection powered by ATPA technologies☆26Dec 22, 2022Updated 3 years ago
- ☆10Sep 11, 2021Updated 4 years ago
- A collection of my public YARA signatures for various malware families☆30Sep 20, 2024Updated last year
- ☆25Feb 13, 2021Updated 5 years ago
- DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, and Plaso files with built-in process inspection, later…☆136Updated this week
- PowerShell Script Analyzer☆69Oct 26, 2023Updated 2 years ago
- RetDec Offline Decompiler☆46Feb 11, 2020Updated 6 years ago
- A DFIR tool to analyze artifacts on macOS☆35Jan 18, 2021Updated 5 years ago
- Hunting Queries for Defender ATP☆83Dec 14, 2025Updated 2 months ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆51Sep 22, 2025Updated 5 months ago
- Digital Artefact Extraction Tool for Discord Application☆12Apr 13, 2023Updated 2 years ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆103Jan 13, 2026Updated last month
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49May 31, 2017Updated 8 years ago
- This crate provides functions for working with IPv4 CIDRs and IPv6 CIDRs.☆33Dec 26, 2025Updated 2 months ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago