k4nfr3 / XDR_scripts
A few XDR Scripts
☆16Updated last month
Related projects ⓘ
Alternatives and complementary repositories for XDR_scripts
- ☆10Updated 3 months ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- ☆13Updated 6 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆50Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 3 weeks ago
- ☆14Updated last year
- Baseline a Windows System against LOLBAS☆25Updated 6 months ago
- General Content☆20Updated 4 months ago
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆14Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆90Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- ESXi Cyber Security Incident Response Script☆20Updated 2 months ago
- Ransomware Simulator for testing Blue Team Detections☆35Updated 2 years ago
- Python tool to find vulnerable AD object and generating csv report☆26Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆34Updated last year
- ☆25Updated 3 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- An experimental Velociraptor implementation using cloud infrastructure☆21Updated 2 weeks ago
- ☆41Updated 7 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆29Updated last week
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Updated 2 years ago
- ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system☆12Updated 2 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 2 years ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆34Updated last year
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- Bloodhound Portable for Windows☆51Updated last year
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆46Updated 2 years ago
- Repository for LNK stuff☆27Updated 2 years ago