jbradley89 / osx_incident_response_scripting_and_analysis

Related projects ⓘ

Alternatives and complementary repositories for osx_incident_response_scripting_and_analysis

• Broctets-and-Bytes / Darwin
  Scripts for MacOS related tasks.
  ☆17Updated 4 years ago
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆72Updated 7 years ago
• mikermcneil / fleet-osquery-in-a-box
  Simple Docker-based quickstart for osquery, Fleet, and ELK stack
  ☆60Updated last year
• ctxis / cbrcli
  Command line interface to Carbon Black Response
  ☆38Updated 4 years ago
• richiercyrus / Venator-Swift
  Swift Command line tool used for proactive detection of malicious activity on macOS systems.
  ☆68Updated 4 years ago
• deeso / fleet-deployment
  ☆15Updated 5 years ago
• aboutsecurity / Talks-and-Presentations
  Slides and Other Resources from my latest Talks and Presentations
  ☆24Updated 3 years ago
• mac4n6 / macMRU-Parser
  Python script to parse the Most Recently Used (MRU) plist files on macOS into a more human friendly format.
  ☆101Updated 6 years ago
• Jrotenberger / Powershell-IR-Scripts
  ☆39Updated 5 years ago
• pstirparo / utils
  Different DFIR and CTI utilities
  ☆36Updated 4 years ago
• Jrotenberger / CBIRAutomation
  CB API scripts for IR, administration, etc.
  ☆33Updated 5 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• iknowjason / Velociraptor_Azure
  A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
  ☆20Updated 3 years ago
• richiercyrus / Venator
  [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.
  ☆176Updated 4 years ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• thomasareed / pict
  Post-Infection Collection Toolkit
  ☆93Updated last year
• n3l5 / irFARTpull
  PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.
  ☆50Updated 6 years ago
• nicoleibrahim / DSStoreParser
  macOS .DS_Store Parser
  ☆61Updated 3 years ago
• ExabeamLabs / Synopsis
  Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.
  ☆20Updated 6 years ago
• teamdfir / volatility-plugins-community
  Volatility plugins developed and maintained by the community
  ☆21Updated 2 months ago
• xorrior / goesf
  Golang command line tool for the macOS Endpoint Security Framework
  ☆29Updated 4 years ago
• brimorlabs / KStrike
  Stand-alone parser for User Access Logging from Server 2012 and newer systems
  ☆71Updated 10 months ago
• OktaSecurityLabs / CheatSheets
  ☆33Updated 6 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆75Updated 3 years ago
• MHaggis / app_splunk_sysmon_hunter
  Splunk App to assist Sysmon Threat Hunting
  ☆38Updated 7 years ago
• sans-blue-team / NSM
  This repository is created to add value to existing Network Security Monitoring solutions.
  ☆42Updated 8 years ago
• dmb2168 / OAuthHunting
  ☆52Updated 6 years ago