Custom analyzers for the Cortex (https://thehive-project.org/, https://github.com/CERT-BDF/Cortex)
Updated Oct 22, 2017 - HTML
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
"Fly with me for a minute."
Common output format for hashlookup
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
The DFIR.Science research blog about digital forensic investigation.
A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. Please add a new issue if you have an idea for something to add.
Windows Events Attack Samples
Automate the creation of a lab environment complete with security tooling and logging best practices
The goal of this repo is to archive artifacts from all versions of various operating systems and categorize them by type. This will help with artifact validation processes and increase access to artifacts that may no longer be readily available.
Documentation, cheatsheets and resources regarding digital forensics.
The source code for my personal blog, including the great work done by Dean Attali at https://beautifuljekyll.com that powers the theme/design
My personal blog
Awesome list of keywords and artifacts for Threat Hunting sessions
Documentation for DFIR ORC, an artefact collection tool dedicated to Microsoft Windows