op7ic / amphunt
Cisco AMP threat hunting scripts
☆14Updated 2 years ago
Related projects: ⓘ
- Snapshot, patch, health-check, and potentially roll-back Windows VMs☆31Updated 6 years ago
- ☆12Updated 4 years ago
- Build your own threat hunting maturity model☆12Updated 6 years ago
- ☆28Updated 5 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 9 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Triage automation for suspect URLs☆13Updated 5 years ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.☆38Updated 2 years ago
- Collection of scripts and tools that I created to aid in my testing.☆13Updated 2 years ago
- THOR MITRE ATT&CK Framework Coverage☆24Updated 4 years ago
- Use DNS to hunt for threats including DGAs☆14Updated 8 years ago
- incident response scripts☆18Updated 5 years ago
- Site for IWS book content☆18Updated 5 years ago
- PowerShell Memory Pulling script☆19Updated 9 years ago
- Automatic Sender Policy Framework Reconnaissance☆18Updated 6 years ago
- ☆15Updated this week
- Threat intelligence and threat detection indicators (IOC, IOA)☆51Updated 3 years ago
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs.☆17Updated 3 years ago
- ☆14Updated 4 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 5 years ago
- Mass Triage Tools☆19Updated 2 months ago
- Defence Against the Dark Arts☆34Updated 5 years ago
- ☆12Updated this week
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 5 years ago
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…☆18Updated 2 years ago
- A few quick recipes for those that do not have much time during the day☆21Updated 3 weeks ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆30Updated 7 months ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆33Updated 5 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 4 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 2 years ago