secwest / fast-fwsign
☆25Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for fast-fwsign
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆63Updated 9 months ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 3 weeks ago
- Indicators of Normality☆12Updated 2 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 6 months ago
- PowerShell script that abuses browser bookmark synchronization as a mechanism for sending and receiving data between systems.☆15Updated 2 years ago
- Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)☆43Updated 2 years ago
- Scripts and lists to help generate YARA friendly string mutations☆19Updated last year
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.☆48Updated 8 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated last month
- CSIRT Jump Bag☆27Updated 6 months ago
- Can you pay the ransom in your country?☆14Updated 11 months ago
- ☆15Updated 3 years ago
- A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.☆20Updated 2 years ago
- The Atomic Playbook contains TTPs from the MITRE ATT&CK framework mapped to the tests in the Atomic Red Team. It serves as a single resou…☆31Updated 10 months ago
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆27Updated last week
- ☆23Updated 2 years ago
- ☆14Updated last year
- ☆26Updated 2 years ago
- Linux #rootkit and #malware revealer☆17Updated 3 months ago
- Penguin OS Forensic (or Flight) Recorder☆37Updated 4 months ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆24Updated 4 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Yara Rules for Modern Malware☆67Updated 8 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆56Updated last year
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆34Updated last year
- Offensive Research Guide to Help Defense Improve Detection☆29Updated last year
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- Logbook for Digital Forensics and Incident Response☆49Updated 4 months ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆24Updated last year
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆21Updated 2 years ago