rkovar / sunburstlookups
Quick lookup files for SUNBURST Backdoor
☆12 · Updated 3 years ago
Related projects:
- Dashboards for conducting forensic investigation using Windows events in Kibana ☆17 · Updated 5 years ago
- Volatility plugins developed and maintained by the community ☆21 · Updated 6 years ago
- The project was moved here: https://github.com/atomic-threat-coverage/atomic-threat-coverage ☆23 · Updated 5 years ago
- Threat intelligence and threat detection indicators (IOC, IOA) ☆51 · Updated 3 years ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response. ☆38 · Updated 2 years ago
- PowerShell functions to interact with TheHive-Project ☆10 · Updated 5 years ago
- Intrusion Detection Honeypots book code ☆23 · Updated 4 years ago
- Python command-line tool used for generating GIAC certification indexes ☆22 · Updated last year
- My Jupyter Notebooks ☆36 · Updated 5 months ago
- Expert Investigation Guides ☆50 · Updated 3 years ago
- MITRE Shield website ☆18 · Updated 2 years ago
- Threat Hunter's Knowledge Base ☆21 · Updated 2 years ago
- CSIRT Jump Bag ☆26 · Updated 4 months ago
- Repository for the SPEED SIEM Use Case Framework ☆52 · Updated 4 years ago
- Incident Response Report using GitHub-Sphinx ☆19 · Updated 4 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis ☆22 · Updated 2 months ago
- A script to assist in processing forensic RAM captures for malware triage ☆27 · Updated 3 years ago
- Splunk app for threat hunting ☆15 · Updated 5 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility. ☆30 · Updated last year
- Corelight@Home script ☆39 · Updated 11 months ago
- YETI (Your Everyday Threat Intelligence) integration for the Elastic Stack ☆15 · Updated 3 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid… ☆36 · Updated 2 years ago
- Sharing threat hunting runbooks ☆24 · Updated 5 years ago
- Incident response teams usually work on offline data: collect the evidence, then analyze it ☆44 · Updated 2 years ago
- Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk "xStart when you're ready" ☆14 · Updated 3 years ago