List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Vagrant and Packer scripts that automate the creation of a lab environment complete with security tooling and logging best practices
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient; a threat hunter's playbook that helps develop hunting techniques and hypotheses.
A curated list of awesome forensic analysis tools and resources
Investigate malicious Windows logons by visualizing and analyzing Windows event logs
Windows Events Attack Samples
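The two entries above (logon investigation from event logs, and attack samples in Windows events) both come down to correlating Security log records. The following is an added example written for this page, not code from either project: it takes 4624 (successful logon) and 4625 (failed logon) records as plain dicts and flags a success that follows a burst of failures from the same source address, reporting which accounts were tried so a password spray is visible. Field names follow the 4624/4625 event schema; the event records and threshold values are constructed for illustration.

```python
"""Flag Windows logons worth investigating from Security event log records.

Added example for this page, not code from any listed project. Each event is a
dict carrying the 4624/4625 fields EventID, TimeCreated, TargetUserName,
IpAddress and LogonType. SAMPLE_EVENTS below is constructed test data.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Logon type codes as documented for events 4624/4625.
LOGON_TYPE = {2: "Interactive", 3: "Network", 4: "Batch", 5: "Service",
              7: "Unlock", 8: "NetworkCleartext", 9: "NewCredentials",
              10: "RemoteInteractive", 11: "CachedInteractive"}


def _ts(value):
    return datetime.strptime(value, "%Y-%m-%d %H:%M:%S")


def find_suspicious_logons(events, failure_threshold=5, window=timedelta(minutes=10)):
    """Return one finding per 4624 event preceded, within `window`, by at least
    `failure_threshold` 4625 events from the same IpAddress.

    Each finding records the successful logon plus the number of prior failures
    and the distinct usernames they targeted (many users from one IP suggests
    a password spray rather than a single user mistyping a password).
    """
    ordered = sorted(events, key=lambda e: _ts(e["TimeCreated"]))
    failures = defaultdict(list)  # IpAddress -> [(timestamp, username), ...]
    findings = []
    for event in ordered:
        when = _ts(event["TimeCreated"])
        ip = event.get("IpAddress", "-")
        if event["EventID"] == 4625:
            failures[ip].append((when, event.get("TargetUserName", "")))
            continue
        if event["EventID"] != 4624:
            continue
        # Only failures inside the look-back window count towards the burst.
        recent = [(t, u) for t, u in failures[ip] if when - t <= window]
        if len(recent) >= failure_threshold:
            findings.append({
                "TimeCreated": event["TimeCreated"],
                "TargetUserName": event.get("TargetUserName", ""),
                "IpAddress": ip,
                "LogonType": LOGON_TYPE.get(event.get("LogonType"), "Unknown"),
                "FailedAttempts": len(recent),
                "FailedUsers": sorted({u for _, u in recent}),
            })
    return findings


# Constructed sample: a spray from 10.0.0.5 that ends in a network logon as
# svc_backup, a benign single typo from 10.0.0.9, and a later success from
# 10.0.0.5 whose failures fall outside the window.
SAMPLE_EVENTS = [
    {"EventID": 4625, "TimeCreated": "2023-05-01 09:00:00", "TargetUserName": "alice", "IpAddress": "10.0.0.5", "LogonType": 3},
    {"EventID": 4625, "TimeCreated": "2023-05-01 09:00:20", "TargetUserName": "bob", "IpAddress": "10.0.0.5", "LogonType": 3},
    {"EventID": 4625, "TimeCreated": "2023-05-01 09:00:40", "TargetUserName": "carol", "IpAddress": "10.0.0.5", "LogonType": 3},
    {"EventID": 4625, "TimeCreated": "2023-05-01 09:01:00", "TargetUserName": "dave", "IpAddress": "10.0.0.5", "LogonType": 3},
    {"EventID": 4625, "TimeCreated": "2023-05-01 09:01:20", "TargetUserName": "erin", "IpAddress": "10.0.0.5", "LogonType": 3},
    {"EventID": 4624, "TimeCreated": "2023-05-01 09:02:00", "TargetUserName": "svc_backup", "IpAddress": "10.0.0.5", "LogonType": 3},
    {"EventID": 4625, "TimeCreated": "2023-05-01 09:05:00", "TargetUserName": "alice", "IpAddress": "10.0.0.9", "LogonType": 2},
    {"EventID": 4624, "TimeCreated": "2023-05-01 09:05:10", "TargetUserName": "alice", "IpAddress": "10.0.0.9", "LogonType": 2},
    {"EventID": 4624, "TimeCreated": "2023-05-01 10:30:00", "TargetUserName": "svc_backup", "IpAddress": "10.0.0.5", "LogonType": 3},
]


if __name__ == "__main__":
    for finding in find_suspicious_logons(SAMPLE_EVENTS):
        print(finding)
```

On real data the records would come from an exported Security.evtx (for example via python-evtx or the Get-WinEvent XML) rather than the inline list; the threshold and window should be tuned per environment, since service accounts that retry on a schedule produce legitimate 4625 bursts.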
A list of CyberChef recipes and curated links
Educational, CTF-styled labs for individuals interested in Memory Forensics
You didn't think I'd go and leave the blue team out, right?
KQL Queries. Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
#Android# The goal of this repo is to archive artifacts from all versions of various OS's and categorize them by type. This will help with artifact validation processes as well as increase access to artifacts...
A repository of DFIR-related Mind Maps geared towards the visual learners!
Forensics artefact collection tool for systems running Microsoft Windows
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportunity to write a chapter of a book to get their name out there, ...
CLI tools for forensic investigation of Windows artifacts