lasersharkkiller / Threat-HunterLinks
Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detections of the world's greatest hacker Mark Baggett whose zero day still works a decade later, and eventually evolving the Threat Hunting Legend Florian Roth's Sigma scanning aimed towards the top of the pyramid of p…
☆18Updated 2 years ago
Alternatives and similar repositories for Threat-Hunter
Users that are interested in Threat-Hunter are comparing it to the libraries listed below
Sorting:
- User Feedback Space of #MitreAssistant☆38Updated 2 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆88Updated 8 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆55Updated 2 years ago
- ☆13Updated last year
- ☆68Updated last week
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆89Updated 2 years ago
- USN Journal full path builder☆61Updated last year
- Repository of public reference frameworks for the DFIR community.☆120Updated 2 years ago
- Full of public notes and Utilities☆127Updated 8 months ago
- A repository of my own Sigma detection rules.☆162Updated last year
- ☆88Updated 2 months ago
- Jupyter notebooks for threat hunting☆59Updated 6 months ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆115Updated 2 years ago
- Script to automate Linux live evidence collection☆27Updated 3 years ago
- CarbonBlack EDR detection rules and response actions☆72Updated last year
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆115Updated last year
- A repository to share publicly available Velociraptor detection content☆189Updated this week
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆124Updated last year
- ☆22Updated 2 years ago
- A preconfigured Velociraptor triage collector☆55Updated this week
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆57Updated 4 months ago
- Incident Response documents and tooling☆106Updated last month
- ☆21Updated 3 years ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆159Updated 6 months ago
- Collection of scripts provided for public use☆37Updated last week
- A PowerShell incident response script for quick triage☆81Updated 3 years ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago