tesorion / TCERT-Cumulonimbus-UAL_Extractor

Related projects: ⓘ

• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆30Updated last year
• svch0stz / velociraptor-detections
  ☆19Updated last year
• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆32Updated last year
• bengoerz / PurpleTeamDocs
  ☆28Updated 3 years ago
• rj-chap / ransomware_tips
  Random tips and tricks RE: ransomware
  ☆14Updated 3 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆47Updated 2 weeks ago
• secnnet / CrowdStrike-Falcon-Search-Queries
  ☆13Updated last year
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 5 months ago
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform
  ☆28Updated 2 weeks ago
• MagnetForensics / Magnet-RESPONSE-PowerShell
  PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.
  ☆20Updated 4 months ago
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆47Updated last year
• Dead-Simple-Scripts / AutoLLR
  Script to automate Linux live evidence collection
  ☆27Updated 2 years ago
• dwmetz / PSHero
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆35Updated last year
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆48Updated 2 months ago
• vadim-hunter / Threat-Hunters-KB
  Threat Hunter's Knowledge Base
  ☆21Updated 2 years ago
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆39Updated 4 months ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆19Updated 2 weeks ago
• QueenSquishy / Zombie
  General Content
  ☆19Updated 2 months ago
• DefensiveOrigins / DO-LAB
  ☆42Updated 3 months ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated 4 months ago
• AndrewRathbun / EventTranscript.db-Research
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆38Updated 2 years ago
• TazWake / Public
  Collection of scripts provided for public use
  ☆28Updated last month
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 5 months ago
• edelucia / rules
  Cyber Threats Detection Rules
  ☆13Updated last week
• CompassSecurity / Readinizer
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆15Updated last year
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated last year
• pfpt-andrew / Rapid-Response-Reporting
  RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…
  ☆36Updated 2 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago