Defence Against the Dark Arts
☆34Sep 15, 2019Updated 6 years ago
Alternatives and similar repositories for defensive-scripts
Users that are interested in defensive-scripts are comparing it to the libraries listed below
Sorting:
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆24Jul 9, 2021Updated 4 years ago
- A collection of Splunk dashboard templates.☆15Apr 18, 2019Updated 6 years ago
- Netwitness Maltego integration Project☆18May 9, 2017Updated 8 years ago
- Disk Image Mounting Script☆11Jan 22, 2026Updated last month
- Virus Total Lookup Script☆14Aug 18, 2015Updated 10 years ago
- Cobalt Strike/C2 Servers☆13Apr 22, 2021Updated 4 years ago
- irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…☆14Mar 25, 2015Updated 10 years ago
- Proof of concept incident response demo using SSM and AWS Fargate.☆14Dec 5, 2019Updated 6 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 3 years ago
- ☆12Dec 16, 2016Updated 9 years ago
- Sabonis, a Digital Forensics and Incident Response pivoting tool☆18Mar 3, 2022Updated 3 years ago
- Basic file metadata gathering script☆21Apr 16, 2025Updated 10 months ago
- Registry timestamp manipulation☆17Feb 26, 2014Updated 12 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- VMDK Forensic Artifact Extractor (VFAE) is windows based tool written in C++ that extracts files with a known location from VMDK images r…☆17Aug 7, 2015Updated 10 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆290Jan 15, 2024Updated 2 years ago
- A curated list of tools for incident response☆21Sep 24, 2019Updated 6 years ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Oct 25, 2023Updated 2 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆78Jan 9, 2024Updated 2 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 6 years ago
- Detect and remove the presence of canary tokens☆25Dec 9, 2023Updated 2 years ago
- Makes files super hidden on NTFS☆19Aug 14, 2014Updated 11 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆83Mar 20, 2023Updated 2 years ago
- Automate SSH communication with firewalls, switches, etc.☆27Mar 29, 2018Updated 7 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆145Nov 2, 2022Updated 3 years ago
- Yara scan Phishing Kit's Zip archive(s)☆61Jun 20, 2025Updated 8 months ago
- A Nginx reverse proxy that authenticates users using their personal certificates. Includes everything to create and revoke those certific…☆29Mar 8, 2021Updated 4 years ago
- Workflows for Shuffle☆24Oct 26, 2022Updated 3 years ago
- Powerful commandline $MFT record editor.☆25Aug 15, 2015Updated 10 years ago
- 2021 SANS DFIR Summit: Greppin' Logs☆20Oct 30, 2025Updated 4 months ago
- A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.☆25Jan 4, 2017Updated 9 years ago
- A list of IOCs applicable to PoshC2☆24Aug 3, 2020Updated 5 years ago
- ☆26Apr 5, 2020Updated 5 years ago
- A Catalog of Application Whitelisting Bypass Techniques☆32Nov 11, 2014Updated 11 years ago
- ☆27Mar 2, 2022Updated 4 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Jan 16, 2018Updated 8 years ago
- ☆115Jan 31, 2024Updated 2 years ago