pathtofile / siemcraft
Security Information and Event Management in Minecraft
☆115Updated 2 years ago
Related projects: ⓘ
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆149Updated 6 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆62Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆259Updated 9 months ago
- How to setup a honeypot with an IDS, ELK and TLS traffic inspection☆150Updated 2 years ago
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆121Updated 11 months ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆248Updated 11 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆143Updated 11 months ago
- IOCs published by Black Lotus Labs☆91Updated this week
- Rules generated from our investigations.☆186Updated last month
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Updated 2 years ago
- Rapidly Search and Hunt through Linux Forensics Artifacts☆174Updated 8 months ago
- Sigma rule specification☆105Updated 3 weeks ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆192Updated 2 years ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆141Updated last year
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆131Updated 2 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆109Updated 2 years ago
- ☆113Updated 11 months ago
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.☆48Updated 2 weeks ago
- Data visualization for blue teams☆122Updated last year
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆200Updated 9 months ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆135Updated 2 months ago
- ☆72Updated last month
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆159Updated 5 months ago
- The Sigma command line interface based on pySigma☆130Updated last month
- ☆68Updated this week
- Automated security lab provisioning☆65Updated 2 months ago
- ☆168Updated 8 months ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆152Updated 2 months ago
- Leaked communication of Conti ransomware group from Jan 29, 2021 to Feb 27, 2022☆128Updated 2 years ago