ozpingux / BasicLinuxForensicScript
Bash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.
β43Updated last year
Alternatives and similar repositories for BasicLinuxForensicScript:
Users that are interested in BasicLinuxForensicScript are comparing it to the libraries listed below
- π§° ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.β71Updated 2 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data wβ¦β51Updated 3 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from themβ32Updated 3 months ago
- Linux Baseline and Forensic Triage Tool - BETAβ53Updated 2 years ago
- Detection rule validationβ41Updated last year
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.β153Updated 10 months ago
- MS Graph Commands and Tools for Blue Teamersβ49Updated last year
- All kinds of tiny shellsβ58Updated 2 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders undβ¦β118Updated 11 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so onβ81Updated 10 months ago
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.β60Updated 8 months ago
- Advanced Email Threat Hunting w/ Detection as Codeβ52Updated last month
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)β68Updated last year
- Regular Expressions List used in Digital Forensic Tasksβ82Updated last month
- God Mode Detection Rulesβ134Updated 7 months ago
- Track C2 servers, tools, and botnets over time by framework and locationβ37Updated last month
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), aβ¦β48Updated last week
- β24Updated 2 years ago
- Contains compiled binaries of Volatilityβ33Updated 2 months ago
- A C# based tool for analysing malicious OneNote documentsβ111Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracβ¦β147Updated 6 months ago
- CarbonBlack EDR detection rules and response actionsβ71Updated 6 months ago
- A collection of CVEs weaponized by ransomware operatorsβ111Updated last week
- This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Responsβ¦β51Updated 5 months ago
- Initial triage of Windows Event logsβ96Updated 9 months ago
- Living Off Security Toolsβ45Updated 4 months ago
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpubβ67Updated last year
- An exercise to practice deobfuscating PowerShell Scripts.β28Updated 2 years ago
- DEFCON 31 slide deck and video linkβ58Updated 8 months ago