tstillz / cbr-timelinerView external linksLinks
Quick script to build host or investigation timelines using Carbon Black Response
☆12Sep 25, 2018Updated 7 years ago
Alternatives and similar repositories for cbr-timeliner
Users that are interested in cbr-timeliner are comparing it to the libraries listed below
Sorting:
- ☆39Jun 28, 2019Updated 6 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆84Oct 23, 2020Updated 5 years ago
- VMDK Forensic Artifact Extractor (VFAE) is windows based tool written in C++ that extracts files with a known location from VMDK images r…☆17Aug 7, 2015Updated 10 years ago
- Registry timestamp manipulation☆17Feb 26, 2014Updated 11 years ago
- Command line interface to Carbon Black Response☆38May 12, 2020Updated 5 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago
- VMware Snapshot Forensic Comparison Scripts☆25Mar 19, 2013Updated 12 years ago
- ☆18Sep 13, 2021Updated 4 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Mitre Att&ck Technique Emulation☆82Mar 6, 2019Updated 6 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- Forensic Analysis Tool for Btrfs File System.☆20Aug 6, 2018Updated 7 years ago
- Tool for analysts to perform simultaneous lookups (IP, Domain, URL, MD5) against multiple data sources☆28Jan 27, 2017Updated 9 years ago
- Carbon Black Response IR tool☆55Dec 10, 2020Updated 5 years ago
- Carbon Black API - Python language bindings☆145Aug 22, 2024Updated last year
- A command line utility to aid in using autofocus for IR and research☆27Oct 22, 2019Updated 6 years ago
- ☆11Feb 9, 2023Updated 3 years ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Jul 4, 2024Updated last year
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated 7 months ago
- ☆115Jan 31, 2024Updated 2 years ago
- Merge all Yara rules from official Yara github repository in one .yar file☆31Jun 22, 2018Updated 7 years ago
- integrating bro into yara☆33Dec 9, 2014Updated 11 years ago
- ☆82Jul 5, 2016Updated 9 years ago
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73May 5, 2024Updated last year
- Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer.☆39Apr 11, 2020Updated 5 years ago
- ETHICAL-HACKING☆12Dec 20, 2023Updated 2 years ago
- 🌌 Real-time threat detection for smart contracts☆10May 16, 2023Updated 2 years ago
- A simple intrusion detection system that detects anomalous IP payloads, vertical and horizontal port scanning attacks in the selected net…☆10Apr 16, 2018Updated 7 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆345Jun 25, 2022Updated 3 years ago
- ☆43Jul 6, 2022Updated 3 years ago
- parser for Google search strings☆40Sep 14, 2019Updated 6 years ago
- Alternative password shadowing scheme☆10Dec 1, 2025Updated 2 months ago
- Sample queries for Advanced hunting in Windows Defender ATP☆11Apr 22, 2020Updated 5 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- The Sentinel.blog Repository provides automation tools for updating Analytics Rules, Content Hub Solutions, and Workbooks, eliminating re…☆17Updated this week
- A repository of example scripts, templates and modules for deploying SentinelOne agents☆24Dec 12, 2025Updated 2 months ago
- Perform file-based malware scan on your on-prem servers with AWS☆14Oct 31, 2023Updated 2 years ago