mamun-sec / dfirt
Collect information from a Windows PC during incident response
☆243 Updated last year
Alternatives and similar repositories for dfirt:
Users that are interested in dfirt are comparing it to the libraries listed below
- Course repository for PowerShell for Pentesters Course ☆427 Updated 2 years ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation. ☆455 Updated 7 months ago
- MAL-CL (Malicious Command-Line) ☆309 Updated 2 years ago
- Collection of Event ID resources useful for Digital Forensics and Incident Response ☆600 Updated 7 months ago
- A repository of DFIR-related Mind Maps geared towards the visual learners! ☆518 Updated 2 years ago
- Collection of tools that reflect the network dimension into Bloodhound's data ☆445 Updated 2 years ago
- ☆698 Updated last week
- #ThreatHunting #DFIR #Malware #Detection Mind Maps ☆286 Updated 3 years ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection… ☆841 Updated 3 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations. ☆277 Updated 5 months ago
- A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365 ☆771 Updated 2 years ago
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment. ☆465 Updated 2 months ago
- WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ) ☆777 Updated 2 years ago
- A suite of Tools to aid Incident Response and Live Forensics for - Windows (Powershell) | Linux (Bash) | MacOS (Shell) ☆559 Updated 4 months ago
- Collection of PowerShell functions a Red Teamer may use in an engagement ☆516 Updated last year
- A list of my personal projects ☆174 Updated 2 years ago
- CVE-2021-1675 Detection Info ☆215 Updated last year
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts ☆1,097 Updated 8 months ago
- Incident Response collection and processing scripts with automated reporting scripts ☆284 Updated 7 months ago
- Deploy customizable Active Directory labs in Azure - automatically. ☆413 Updated 2 months ago
- An introduction to Active Directory security ☆640 Updated 2 years ago
- Pwnspoof repository ☆258 Updated last year
- Purple Teaming Attack & Hunt Lab - Terraform ☆158 Updated 3 years ago
- A PowerShell armoury for security guys and girls ☆467 Updated last year
- Ransomware simulation script written in PowerShell. Useful for testing your defenses and backups against real ransomware-like activity in… ☆215 Updated 4 months ago
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit… ☆792 Updated last month
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ☆705 Updated last month
- Ransomware simulator written in Golang ☆422 Updated 2 years ago
- An Office365 User Attack Tool ☆628 Updated 10 months ago
- ☆650 Updated 2 weeks ago