Alternatives and similar repositories for dc29-btv-2021

Users that are interested in dc29-btv-2021 are comparing it to the libraries listed below

• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆78Updated 3 years ago
• DefensiveOrigins / DO-LAB
  ☆47Updated 2 months ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆88Updated 2 years ago
• sans-blue-team / DNS-Exfiltrate
  ☆26Updated 2 years ago
• rj-chap / CFWorkshop
  Understanding and analyzing carrier files workshop repo
  ☆50Updated 5 years ago
• ahhh / Cybersecurity-Tradecraft
  A repo to support the book
  ☆108Updated 3 years ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆82Updated last year
• YossiSassi / hAcKtive-Directory-Forensics
  ☆53Updated 2 months ago
• nyxgeek / track_the_planet
  DEFCON 31 slide deck and video link
  ☆63Updated 3 weeks ago
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆68Updated last month
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆27Updated last year
• HuskyHacks / MalAPIReader
  Reads and prints information from the website MalAPI.io
  ☆38Updated 3 years ago
• MalTrakLab / purple-team-cloud-lab
  Cloud-based AD lab created to help you test real attacks in a controlled environment and create detection rules for them
  ☆28Updated last year
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated last year
• joswr1ght / basicblobfinder
  Identify Azure blobs using a wordlist of account name and container name strings
  ☆43Updated 3 months ago
• secgroundzero / KQL_Reference_Manual
  ☆43Updated 4 years ago
• nrrpinto / inquisitor
  Forensics artifacts collection
  ☆20Updated 4 years ago
• tsale / EDR-Telemetry-Website
  ☆74Updated 3 weeks ago
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆95Updated 2 years ago
• mvelazc0 / PurpleTeamPlaybook
  Active Directory Purple Team Playbook
  ☆108Updated 2 years ago
• C0axx / CanaryHunter
  Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org
  ☆121Updated 2 years ago
• mikoiv / MicrosoftSentinel-ShodanMonitor
  Ingesting Shodan Monitor Alerts to Microsoft Sentinel
  ☆34Updated last year
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆77Updated last year
• Res260 / conti_202202_leak_procedures
  This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in th…
  ☆87Updated 3 years ago
• rj-chap / ransomware_tips
  Random tips and tricks RE: ransomware
  ☆14Updated 3 years ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆52Updated 6 months ago
• jonny-jhnson / Marvel-Lab
  A collection of Powershell scripts that will help automate the build process for a Marvel domain.
  ☆147Updated last year
• dfir-scripts / siftgrab
  ☆68Updated 6 months ago
• CyberDefend3r / PowerShell-Deobfuscation-Exercise
  An exercise to practice deobfuscating PowerShell Scripts.
  ☆27Updated 2 years ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆33Updated last month