Stars
A resource containing all the tools each ransomware gangs uses
Repository containing IOCs, CSV and MISP JSON from our blogs
Indicators of Compromises (IOC) of our various investigations
This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
FireEye Publicly Shared Indicators of Compromise (IOCs)
Export Meraki Network Configuration to JSON
Run Windows apps on 🐧 Linux with ✨ seamless integration
A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Too…
A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat intelligence.
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…
Directory Services Internals (DSInternals) PowerShell Module and Framework
Sophos-originated indicators-of-compromise from published reports
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Small and highly portable detection tests based on MITRE's ATT&CK.
The FLARE team's open-source tool to identify capabilities in executable files.
Collection of Event ID ressources useful for Digital Forensics and Incident Response
Lambda function that streamlines containment of an AWS account compromise
A list of RMMs designed to be used in automation to build alerts
PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.