pfpt-andrew / Rapid-Response-ReportingView external linksLinks
RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provide accurate and timely feedback in the form of reports.
☆37Apr 6, 2022Updated 3 years ago
Alternatives and similar repositories for Rapid-Response-Reporting
Users that are interested in Rapid-Response-Reporting are comparing it to the libraries listed below
Sorting:
- Python web app for previewing data in a Chrome Profile Folder☆23Jul 1, 2024Updated last year
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- yaa - yaml search for humans☆12Dec 8, 2025Updated 2 months ago
- Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…☆15Jun 5, 2023Updated 2 years ago
- A tool to modify timestamps in a packet capture to a user selected date☆31Aug 11, 2021Updated 4 years ago
- Python script to walk a folder or a zip file for SQLite Databases☆37Sep 20, 2023Updated 2 years ago
- ☆14Mar 9, 2023Updated 2 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆24Dec 5, 2025Updated 2 months ago
- PerchLabs threat feed☆16Aug 23, 2021Updated 4 years ago
- STIX Tools & Scripts☆47Dec 2, 2013Updated 12 years ago
- Hikeshi is a security incident response application that keeps documenting incidents simple, so you can focus on fighting fires.☆21Mar 6, 2023Updated 2 years ago
- Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps.☆19Apr 30, 2025Updated 9 months ago
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption☆19Aug 5, 2022Updated 3 years ago
- A MITRE ATT&CK Lookup Tool☆46Apr 25, 2024Updated last year
- Tweettioc Splunk App☆20Aug 25, 2020Updated 5 years ago
- Shell and Pen-testing Tool☆17May 14, 2025Updated 9 months ago
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆21Jan 5, 2025Updated last year
- Mitigations (AWS WAF, Lambda@Edge/CloudFront Functions) to implement on AWS to attempt to prevent log4j exploitation.☆22Dec 19, 2021Updated 4 years ago
- MITRE Shield website☆19Oct 20, 2021Updated 4 years ago
- My conference presentations☆87Nov 11, 2025Updated 3 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆23Oct 9, 2024Updated last year
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Oct 25, 2023Updated 2 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆78Jan 9, 2024Updated 2 years ago
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!☆21Aug 23, 2024Updated last year
- Community Detection Signature Build and Distribution Pipeline for YARA, Suricata, Snort and Sigma☆27Jun 20, 2023Updated 2 years ago
- IBM RedCON 2020 - Throwing an AquaWrench into the Kernel☆44Aug 25, 2020Updated 5 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆89Feb 9, 2025Updated last year
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆60Jun 7, 2022Updated 3 years ago
- A repository of DFIR-related Mind Maps geared towards the visual learners!☆551Sep 2, 2022Updated 3 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆89Jul 7, 2022Updated 3 years ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆103Aug 15, 2025Updated 6 months ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆159Jun 15, 2023Updated 2 years ago
- Gmail Enumeration using a glitch described here https://blog.0day.rocks/abusing-gmail-to-get-previously-unlisted-e-mail-addresses-41544b6…☆28Aug 4, 2022Updated 3 years ago
- Ansible build for Afl++ Frida-Mode☆25Jun 8, 2024Updated last year
- Using Microsoft 365 App Passwords for persistence☆23Sep 2, 2020Updated 5 years ago
- Parse a PowerPoint PPTX file, extracting all URL's from notes and slides, and test for validity☆28Apr 4, 2025Updated 10 months ago
- A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwn☆101Mar 8, 2023Updated 2 years ago
- ☆14Oct 24, 2024Updated last year