#roff #ctf #ctfchallenges #dfir #digitalforensics #forensics #memoryforensics #security #windows
https://github.com/stuxnet999/MemLabs
https://github.com/stuxnet999/MemLabs
GitHub
GitHub - stuxnet999/MemLabs: Educational, CTF-styled labs for individuals interested in Memory Forensics
Educational, CTF-styled labs for individuals interested in Memory Forensics - stuxnet999/MemLabs
#other #incident_response #malware #regular_expression #dfir #data_manipulation #cyberchef #cyberchef_recipes
https://github.com/mattnotmax/cyberchef-recipes
https://github.com/mattnotmax/cyberchef-recipes
GitHub
GitHub - mattnotmax/cyberchef-recipes: A list of cyber-chef recipes and curated links
A list of cyber-chef recipes and curated links. Contribute to mattnotmax/cyberchef-recipes development by creating an account on GitHub.
#other #dfir #digitalforensics #eztools #kape #mindmaps #rdp #tcpdump
https://github.com/rathbuna/DFIRMindMaps
https://github.com/rathbuna/DFIRMindMaps
GitHub
GitHub - AndrewRathbun/DFIRMindMaps: A repository of DFIR-related Mind Maps geared towards the visual learners!
A repository of DFIR-related Mind Maps geared towards the visual learners! - AndrewRathbun/DFIRMindMaps
#powershell #analysis #dfir #event #forensics #hunting #incident #log #logs #response #sigma #threat #timeline #windows
https://github.com/Yamato-Security/WELA
https://github.com/Yamato-Security/WELA
GitHub
GitHub - Yamato-Security/WELA: Windows Event Log Auditor
Windows Event Log Auditor. Contribute to Yamato-Security/WELA development by creating an account on GitHub.
#powershell #azforensics #azure #azure_forensics #azuresearcher #cloud_forensics #cybersecurity #dfir #digital_forensics #incident_response #powershellv5 #threat_hunting #threathunting #unifiedauditlog
https://github.com/darkquasar/AzureHunter
https://github.com/darkquasar/AzureHunter
GitHub
GitHub - darkquasar/AzureHunter: A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365 - darkquasar/AzureHunter
#other #azure #blueteam #cybersecurity #defender_for_endpoint #dfir #infosec #kql #mde #mdi #security #sentinel #threat_hunting #vulnerability_management #zero_day
https://github.com/Bert-JanP/Hunting-Queries-Detection-Rules
https://github.com/Bert-JanP/Hunting-Queries-Detection-Rules
GitHub
GitHub - Bert-JanP/Hunting-Queries-Detection-Rules: KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection…
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rul...
#other #computer_forensics #dfir #digital_forensics #forensic_analysis #free #open_source
https://github.com/cugu/awesome-forensics
https://github.com/cugu/awesome-forensics
GitHub
GitHub - cugu/awesome-forensics: ⭐️ A curated list of awesome forensic analysis tools and resources
⭐️ A curated list of awesome forensic analysis tools and resources - cugu/awesome-forensics
#yara #awesome_list #blueteam #blueteam_tools #cti #detection #detection_engineering #dfir #hacktools #incident_response #ioc #iocs #ir #ransomware #redteam #rmm #security #siem #soc #threat_hunting #threat_intelligence
You can access comprehensive security detection lists and threat hunting resources that help identify malicious activity across your infrastructure. These curated collections include indicators like suspicious file hashes, domain names, IP addresses, and behavioral patterns organized by threat type—from ransomware and phishing to command-and-control servers and vulnerable drivers. By integrating these lists into your security tools like SIEM platforms and endpoint detection systems, you gain immediate visibility into known threats while learning detection methodologies through guides and YARA rules. This accelerates your ability to hunt for compromises, validate security controls, and stay current with emerging attack techniques without building detection logic from scratch.
https://github.com/mthcht/awesome-lists
You can access comprehensive security detection lists and threat hunting resources that help identify malicious activity across your infrastructure. These curated collections include indicators like suspicious file hashes, domain names, IP addresses, and behavioral patterns organized by threat type—from ransomware and phishing to command-and-control servers and vulnerable drivers. By integrating these lists into your security tools like SIEM platforms and endpoint detection systems, you gain immediate visibility into known threats while learning detection methodologies through guides and YARA rules. This accelerates your ability to hunt for compromises, validate security controls, and stay current with emerging attack techniques without building detection logic from scratch.
https://github.com/mthcht/awesome-lists
GitHub
GitHub - mthcht/awesome-lists: Awesome Security lists for SOC/CERT/CTI
Awesome Security lists for SOC/CERT/CTI. Contribute to mthcht/awesome-lists development by creating an account on GitHub.