kk0m4k / docker-forensics
☆23 · Updated 5 years ago

Related projects
Alternatives and complementary repositories for docker-forensics
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common script languages such as PowerShell, VBA and JavaScript. Curre… ☆40 · Updated 5 years ago
- (no description) ☆50 · Updated 6 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to JSON. ☆41 · Updated 3 years ago
- YETI (Your Everyday Threat Intelligence) integration to Elastic Stack ☆15 · Updated 3 years ago
- Mitre Att&ck Technique Emulation ☆82 · Updated 5 years ago
- No-Script Automation Tool ☆56 · Updated 6 years ago
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting. ☆56 · Updated 2 years ago
- Repository for my ATT&CK analysis research. ☆68 · Updated 5 years ago
- The new name is DeTT&CT ☆24 · Updated 5 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that bring forward the nuances… ☆64 · Updated last year
- A script to assist in processing forensic RAM captures for malware triage ☆27 · Updated 3 years ago
- ConventionEngine - A YARA rulepack for PDB path hunting ☆37 · Updated last year
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks ☆25 · Updated 4 years ago
- Security Onion Elastic Stack ☆46 · Updated 3 years ago
- Sandbox feature upgrade with the help of wrapped samples ☆75 · Updated 6 years ago
- (no description) ☆33 · Updated 3 years ago
- Links to malware-related YARA rules ☆14 · Updated 2 years ago
- Pocket guide for core threat hunting concepts ☆23 · Updated 4 years ago
- Malware similarity platform with modularity in mind. ☆76 · Updated 3 years ago
- Projects for AWS threat hunting ☆21 · Updated 3 years ago
- Home to the ActorTrackr source code ☆27 · Updated 7 years ago
- Handy scripts to speed up malware analysis ☆35 · Updated last year
- Fast incident overview ☆39 · Updated 7 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis ☆23 · Updated 4 months ago
- Modular command-line threat hunting tool & framework. ☆17 · Updated 4 years ago
- Tool to decompress data from Windows 10 page files and memory dumps that has been compressed by the Windows 10 memory manager. ☆48 · Updated 5 years ago
- Repository with sample threat hunting notebooks on Security Event Log data sources ☆58 · Updated last year
- Merge all YARA rules from the official YARA GitHub repository into one .yar file ☆28 · Updated 6 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team tests to MITRE Caldera Stockpile YAML ability files… ☆71 · Updated 3 years ago