rj-chap / ransomware_tips
Random tips and tricks RE: ransomware
☆14Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for ransomware_tips
- ☆19Updated last year
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆35Updated last year
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆12Updated 5 years ago
- General Content☆20Updated 3 months ago
- ☆43Updated 3 weeks ago
- An exercise to practice deobfuscating PowerShell Scripts.☆28Updated last year
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated last year
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆17Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- ☆40Updated 3 years ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆34Updated last year
- Threat Box Assessment Tool☆19Updated 3 years ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- ReWrite of AChoir in Go for Cross Platform☆34Updated 3 weeks ago
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆36Updated 7 months ago
- CSIRT Jump Bag☆27Updated 6 months ago
- ☆29Updated 3 years ago
- ESXi Cyber Security Incident Response Script☆20Updated 2 months ago
- ☆28Updated 3 years ago
- Logbook for Digital Forensics and Incident Response☆49Updated 3 months ago
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆10Updated last year
- Forensics artifacts collection☆19Updated 3 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated last month
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated last week
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 2 weeks ago
- ☆19Updated 3 years ago
- High-level Threat Intelligence playbooks☆16Updated 3 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated last year