Security Onion + Automation + Response Lab including n8n and Velociraptor
☆114Sep 14, 2022Updated 3 years ago
Alternatives and similar repositories for DinoSOARLab
Users that are interested in DinoSOARLab are comparing it to the libraries listed below
Sorting:
- Run Velociraptor on Security Onion☆40Jul 27, 2022Updated 3 years ago
- Python script for carving Bitlocker VMK keys☆26Feb 4, 2026Updated last month
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆159Mar 10, 2025Updated 11 months ago
- An experimental Velociraptor implementation using cloud infrastructure☆26Dec 2, 2025Updated 3 months ago
- Docker image for Velocidex Velociraptor☆146Dec 29, 2025Updated 2 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆177Dec 2, 2025Updated 3 months ago
- Repo to hold mcp server for velociraptor☆29Jul 27, 2025Updated 7 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,059Oct 5, 2023Updated 2 years ago
- ☆13Oct 7, 2019Updated 6 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- ☆54May 14, 2024Updated last year
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.☆135Jul 25, 2019Updated 6 years ago
- Digging Deeper....☆3,784Updated this week
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated 3 weeks ago
- Documentation used for Shuffle☆21Updated this week
- LSASS enumeration like pypykatz written in C-Lang☆20Dec 1, 2021Updated 4 years ago
- A preconfigured Velociraptor triage collector☆76Feb 16, 2026Updated 2 weeks ago
- ☆34Apr 29, 2021Updated 4 years ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆258Nov 24, 2023Updated 2 years ago
- Sigma Detection Rule Repository☆92Jun 18, 2020Updated 5 years ago
- Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux☆134Feb 24, 2026Updated last week
- ☆125Mar 27, 2024Updated last year
- Docker build for autopsy☆22Apr 13, 2021Updated 4 years ago
- DFIRTrack - The Incident Response Tracking Application☆532Jan 13, 2026Updated last month
- Documentation and scripts to properly enable Windows event logs.☆672Oct 3, 2025Updated 5 months ago
- ☆46Oct 27, 2023Updated 2 years ago
- All my slides for any talks☆23Oct 13, 2024Updated last year
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆80Feb 9, 2026Updated 3 weeks ago
- CLI generator for Velociraptor offline collector☆16Oct 10, 2025Updated 4 months ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆10Feb 17, 2025Updated last year
- Offensive tool for guessing Active Directory credentials via Kerberos☆10Jan 1, 2024Updated 2 years ago
- MAL-CL (Malicious Command-Line)☆322Jan 10, 2023Updated 3 years ago
- ☆14Oct 24, 2024Updated last year
- Resources for SANS CTI Summit 2021 presentation☆104Nov 8, 2023Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats☆2,264Jan 21, 2026Updated last month
- Bloodhound Portable for Windows☆53Apr 1, 2023Updated 2 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆646Nov 7, 2025Updated 3 months ago