Repository navigation
dfir
- Website
- Wikipedia
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A curated list of tools for incident response
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Automate the creation of a lab environment complete with security tooling and logging best practices
⭐️ A curated list of awesome forensic analysis tools and resources
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
IntelOwl: manage your Threat Intelligence at scale
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Loki - Simple IOC and YARA Scanner
Rapidly Search and Hunt through Windows Forensic Artefacts
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Investigate malicious Windows logon by visualizing and analyzing Windows event log
A repository of sysmon configuration modules
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
YARA signature and IOC database for my scanners and tools
Windows Events Attack Samples
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
A list of cyber-chef recipes and curated links