logpresso / community

Related projects: ⓘ

• ryanmrestivo / blue-team
  Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs…
  ☆33Updated 9 months ago
• jsecurity101 / jsecurity101
  ☆14Updated 5 months ago
• idnahacks / NetCeasePlusPlus
  Takes the original idea of NetCease and adds functionality
  ☆24Updated 2 years ago
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆23Updated last year
• kacos2000 / Evtx_Log_Browser
  Evtx Log (xml) Browser
  ☆54Updated last year
• SadProcessor / EzETW
  Cmdlets for capturing Windows Events
  ☆12Updated 2 years ago
• ohjeongwook / WindowsEventTools
  Collection Of Scripts And Utilities For Windows Event Hunting
  ☆16Updated 4 years ago
• mgreen27 / EventLogs
  ☆18Updated this week
• darkoperator / vscode-sysmon
  Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.
  ☆50Updated last year
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆24Updated 2 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 4 years ago
• imp0rtp3 / yara-rules
  Yara rules written by me, for free use.
  ☆17Updated 2 years ago
• proferosec / Threat-Intelligence
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Updated 5 years ago
• olafhartong / sysmon-parser
  Automatically generated Sysmon parser for Azure Sentinel
  ☆14Updated this week
• Ben0xA / PowerShellScripts
  Random PowerShell Scripts
  ☆16Updated 3 years ago
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆21Updated last year
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆24Updated 4 years ago
• nettitude / logparser
  SQL scripts for querying event logs
  ☆21Updated 7 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• mandiant / ioc-scanner-CVE-2019-19781
  Indicator of Compromise Scanner for CVE-2019-19781
  ☆92Updated 4 years ago
• nasbench / procmon-malware-analysis-filters
  Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
  ☆13Updated 3 years ago
• kacos2000 / Win10LiveInfo
  Windows 10 Live Information viewer
  ☆33Updated 2 years ago
• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆17Updated 3 years ago
• RedSiege / CLM-Base64
  This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode
  ☆22Updated 2 months ago
• ceramicskate0 / SWELF
  Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at ht…
  ☆24Updated last year
• gpoguy / setpol
  Lets you write arbitrary registry entries to Group Policy related .pol files (e.g. registry.pol)
  ☆11Updated 5 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆28Updated 3 years ago
• k3idii / ION
  Indicators of Normality
  ☆12Updated 2 years ago
• jymcheong / OpenEDR
  Renamed to Free EDR to avoid confusion with Comodo's project
  ☆22Updated last year
• mandiant / ARDvark
  ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.
  ☆34Updated last year