vertoforce / docker-sof-elk
A dockerized version of the sof-elk project
☆10Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for docker-sof-elk
- Powershell - web traffic whitenoise generator☆46Updated 4 years ago
- The PoLRBear Project☆35Updated 3 years ago
- Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs☆91Updated 3 years ago
- FOR508 Index - GCFA☆19Updated 6 years ago
- Crack base64(sha256(username)) hash from Microsoft Event ID 1029☆18Updated last year
- ☆41Updated 3 years ago
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆78Updated last year
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆71Updated 10 months ago
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- ☆1Updated last month
- My Jupyter Notebooks☆36Updated 7 months ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- ☆31Updated last month
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆36Updated 2 years ago
- Invoke-LiveResponse☆145Updated 2 years ago
- Scripts to facilitate filtering with Plaso☆125Updated 4 years ago
- Powering Up Incident Response with Power-Response☆62Updated 4 years ago
- Volatility plugins developed and maintained by the community☆21Updated 2 months ago
- ☆32Updated last year
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Hunt malware with Volatility☆47Updated 6 months ago
- ☆77Updated 5 years ago
- SEC599 supporting GitHub repository☆15Updated 5 years ago
- Tools to automate and/or expedite response.☆113Updated 4 months ago
- Volatility plugins created by the author☆44Updated 9 years ago
- Detection of obfuscated Powershell commands☆54Updated last year
- The gse-study repo was assembled to serve as a consolidated, and comprehensive, study solution for the SANS GSE exam.☆25Updated 6 years ago
- Let's obscure some IPv4 addresses☆36Updated 2 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆39Updated 2 years ago
- Parses KAPE module files and downloads binaries referenced by BinaryURL☆18Updated 5 years ago