pfpt-andrew / Rapid-Response-Reporting
RRR (Rapid Response Reporting) is a collection of Incident Response Report objects, designed to help incident responders provide accurate and timely feedback in the form of reports.
36 stars, updated 2 years ago
Related projects:
- Repository for the SPEED SIEM Use Case Framework
- BulkStrike enables the use of CrowdStrike Real Time Response (RTR) to bulk-execute commands on multiple machines.
- PowerShell web traffic white-noise generator
- My Jupyter Notebooks
- Azure Function to insert MISP data into Azure Sentinel
- PowerShell scripts for CrowdStrike Falcon that pull back raw data relevant to forensic investigation
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
- Provides detection capabilities and log conversion to EVTX or syslog
- Recon Hunt Queries
- Rewrite of AChoir in Go for cross-platform use
- CSIRT Jump Bag
- Microsoft Threat Protection Advanced Hunting cheat sheet
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
- A PowerShell incident response script for quick triage
- This repository was created to aid in the deployment and maintenance of the Sysmon service on a large number of computers.
- Collection of scripts provided for public use
- Public notes and utilities
- My conference presentations
- Random notes collected from the Internet relating to DFIR
- Collects a listing of MITRE ATT&CK techniques, then discovers Splunk ESCU detections for each technique
- A tool that allows you to document and assess any security automation in your SOC
- Pushes Sysmon configs