jstrosch / FLARE-VM-configsLinks
These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help streamline the installation.
☆14Updated last year
Alternatives and similar repositories for FLARE-VM-configs
Users that are interested in FLARE-VM-configs are comparing it to the libraries listed below
Sorting:
- A simple tool designed to create Atomic Red Team tests with ease.☆44Updated 3 months ago
- Contains compiled binaries of Volatility☆33Updated last month
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- Quick ESXi Log Parser☆21Updated 5 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated last month
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Updated 2 years ago
- Tools and scripts to deploy and manage OpenRelik instances☆14Updated 2 weeks ago
- ☆24Updated 4 months ago
- information about ransomware groups (Ransomware Analysis Notes)☆37Updated last year
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆25Updated 3 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆52Updated 6 months ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 4 months ago
- Yara Rules for Modern Malware☆77Updated last year
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Detection rule validation☆41Updated last year
- a tiny program to consume from ETW providers for research☆49Updated 5 months ago
- ☆27Updated 7 months ago
- A Model Context Protocol (MCP) server that integrates Volatility 3 memory forensics framework with Claude☆16Updated 2 months ago
- Baseline a Windows System against LOLBAS☆27Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆45Updated 2 years ago
- ☆14Updated last year
- macOS Artifacts☆30Updated 3 months ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆41Updated 5 months ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 6 months ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- ☆33Updated 3 years ago
- ☆32Updated 2 years ago
- ☆73Updated last week
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆80Updated 9 months ago