rj-chap / ransomware_tips
Random tips and tricks RE: ransomware
☆14Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for ransomware_tips
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆18Updated last year
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆12Updated 5 years ago
- ☆43Updated last month
- ☆19Updated last year
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆35Updated last year
- ☆28Updated 4 years ago
- General Content☆20Updated 4 months ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- ☆15Updated 3 years ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆56Updated last week
- ☆40Updated last year
- CSIRT Jump Bag☆27Updated 6 months ago
- Baseline a Windows System against LOLBAS☆25Updated 6 months ago
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆34Updated last year
- An exercise to practice deobfuscating PowerShell Scripts.☆28Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆90Updated 2 years ago
- ☆40Updated 3 years ago
- my MSTICpy practice and custom tools repository☆11Updated 2 weeks ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆36Updated 7 months ago
- ☆25Updated 3 years ago
- Forensics artifacts collection☆19Updated 3 years ago
- ReWrite of AChoir in Go for Cross Platform☆35Updated last week
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆22Updated 3 months ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated last year
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated last month
- Threat Box Assessment Tool☆19Updated 3 years ago
- gundog - guided hunting in Microsoft Defender☆52Updated 3 years ago