pfpt-andrew / Rapid-Response-Reporting

Related projects: ⓘ

• humio / security_monitoring
  ☆40Updated last year
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆41Updated last year
• bengoerz / PurpleTeamDocs
  ☆28Updated 3 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆68Updated last year
• DefensiveOrigins / ps-whitenoiseweb
  Powershell - web traffic whitenoise generator
  ☆46Updated 4 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 5 months ago
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆30Updated last year
• ReconInfoSec / velociraptor-to-timesketch
  ☆84Updated 3 months ago
• jafarspalace / Crowdstrike-Falcon-Scripts
  Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation
  ☆21Updated last month
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆108Updated 9 months ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆51Updated 2 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform
  ☆28Updated 2 weeks ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated 4 months ago
• miladaslaner / AdvHuntingCheatSheet
  Microsoft Threat Protection Advance Hunting Cheat Sheet
  ☆76Updated 4 years ago
• 00010111 / smbtimeline
  ☆28Updated last year
• megan201296 / gsuite-dfir
  ☆41Updated 3 years ago
• SentineLabs / S1QL-Queries
  ☆50Updated last year
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 5 months ago
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆75Updated 2 years ago
• jokezone / Update-Sysmon
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆82Updated last year
• sans-blue-team / sec530-wiki
  ☆51Updated 3 years ago
• TazWake / Public
  Collection of scripts provided for public use
  ☆28Updated last month
• MHaggis / notes
  Full of public notes and Utilities
  ☆81Updated 3 weeks ago
• olafhartong / Presentations
  My conference presentations
  ☆66Updated 10 months ago
• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆32Updated last year
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆64Updated 6 months ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆40Updated 4 months ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago