pathtofile / siemcraft
Security Information and Event Management in Minecraft
☆117Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for siemcraft
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆252Updated this week
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆150Updated 3 weeks ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆153Updated 2 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆194Updated 2 years ago
- All kinds of tiny shells☆59Updated last year
- Rapidly Search and Hunt through Linux Forensics Artifacts☆180Updated 10 months ago
- A python script developed to process Windows memory images based on triage type.☆258Updated 11 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆62Updated 2 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆131Updated 2 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆109Updated 2 years ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆136Updated 4 months ago
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆125Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆94Updated last year
- This is a collection of threat detection rules / rules engines that I have come across.☆275Updated 6 months ago
- Rules generated from our investigations.☆189Updated 3 weeks ago
- ☆114Updated last year
- A PoC ransomware sample to test out your ransomware response strategy.☆206Updated 6 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆66Updated last week
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆144Updated last year
- MDE relies on some of the Audit settings to be enabled☆97Updated 2 years ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆145Updated last year
- BlackBerry Threat Research & Intelligence☆93Updated last year
- Artifact collection tool for *nix systems☆192Updated 8 months ago
- Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).☆189Updated 2 years ago
- Anything Sysmon related from the MSTIC R&D team☆146Updated 5 months ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆125Updated 2 years ago
- ☆130Updated 9 months ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆162Updated last week
- A repository of my own Sigma detection rules.☆156Updated 2 months ago
- Threat Hunting & Incident Investigation with Osquery☆198Updated 2 years ago