lasersharkkiller / Threat-Hunter
Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detections of the world's greatest hacker Mark Baggett whose zero day still works a decade later, and eventually evolving the Threat Hunting Legend Florian Roth's Sigma scanning aimed towards the top of the pyramid of p…
☆18 · Updated last year
Alternatives and similar repositories for Threat-Hunter
Users who are interested in Threat-Hunter are comparing it to the repositories listed below.
- Finding ClickFix and FakeCAPTCHA like it's 1999 ☆38 · Updated this week
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu… ☆54 · Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆85 · Updated 3 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆77 · Updated last year
- Collection of scripts provided for public use ☆34 · Updated last month
- Random notes collected on the intertubes relating to DFIR ☆34 · Updated last year
- ☆7 · Updated 7 months ago
- User Feedback Space of #MitreAssistant ☆37 · Updated 2 years ago
- CarbonBlack EDR detection rules and response actions ☆71 · Updated 8 months ago
- Script to automate Linux live evidence collection ☆27 · Updated 2 years ago
- A preconfigured Velociraptor triage collector ☆52 · Updated this week
- SigmaHQ pySigma CrowdStrike processing pipeline ☆26 · Updated 7 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 ☆20 · Updated 7 months ago
- ☆87 · Updated last year
- ☆21 · Updated 2 years ago
- Remote access and Antivirus Logging Database ☆42 · Updated last year
- USN Journal full path builder ☆60 · Updated 8 months ago
- Incident Response documents and tooling ☆74 · Updated last year
- simple webapp for converting sigma rules into siem queries using the pySigma library ☆49 · Updated last year
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. ☆109 · Updated last year
- ☆68 · Updated 5 months ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE ☆31 · Updated last year
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients. ☆28 · Updated last week
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on ☆82 · Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆122 · Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos… ☆31 · Updated 3 years ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates… ☆64 · Updated 2 months ago
- Quick ESXi Log Parser ☆21 · Updated 5 months ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp… ☆38 · Updated last year
- Library of threat hunts to get any user started! ☆44 · Updated 4 years ago