rj-chap / CFWorkshopLinks
Understanding and analyzing carrier files workshop repo
☆50Updated 5 years ago
Alternatives and similar repositories for CFWorkshop
Users that are interested in CFWorkshop are comparing it to the libraries listed below
Sorting:
- Random notes collected on the intertubes relating to DFIR☆34Updated last year
- A repo to support the book☆108Updated 3 years ago
- Hunt malware with Volatility☆47Updated last year
- This repo is where I store my Threat Hunting ideas/content☆87Updated 2 years ago
- My Jupyter Notebooks☆36Updated 2 months ago
- Collection of scripts provided for public use☆34Updated last month
- Jupyter notebooks for threat hunting☆56Updated 2 months ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆68Updated 3 weeks ago
- ☆7Updated 7 months ago
- Active Directory Purple Team Playbook☆108Updated 2 years ago
- The Windows Malware Analysis Reversing Core Tools☆95Updated 4 years ago
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation☆26Updated last year
- Scripts to facilitate filtering with Plaso☆125Updated 5 years ago
- ☆52Updated last month
- Blueteam operational triage registry hunting/forensic tool.☆147Updated 2 years ago
- How to ARM Yourself - Bsides Tampa 2020☆14Updated 5 years ago
- ☆42Updated 4 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆114Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆53Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated 2 years ago
- ☆41Updated last year
- A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources t…☆54Updated 3 years ago
- A repo to document API functions mapped to security events across diverse platforms☆75Updated 5 years ago
- ☆87Updated last year
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆78Updated 3 years ago
- Powershell sandboxing utility☆18Updated 2 weeks ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 3 years ago
- SEC599 supporting GitHub repository☆16Updated 5 years ago
- ☆34Updated 7 months ago