pthomp Goto Github PK

aptsimulator

A toolset to make a system look as if it was the victim of an APT attack

awesome-kape

A curated list of KAPE-related resources

aws-incident-response-playbooks

blue-team-cheat-sheets

Blue Team Cheat Sheats

csirt-collect

PowerShell script to collect memory and (triage) disk forensics

cuckoo3

Cuckoo 3 is a Python 3 open source automated malware analysis system.

detectionlab

Automate the creation of a lab environment complete with security tooling and logging best practices

detectionlabelk

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

dfirartifactmuseum

The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifact validation processes as well as increase access to artifacts that may no longer be readily available anymore.

dfirmindmaps

A repository of DFIR-related Mind Maps geared towards the visual learners!

dfirregex

A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.

dfirtrack

DFIRTrack - The Incident Response Tracking Application

digital-forensics-lab-frankwxu

Free hands-on digital forensics labs for students and faculty

directoryopus-dfirconfig

A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life easier with various file management tasks.

flipper

Playground (and dump) of stuff I make or modify for the Flipper Zero

forensicposters

graphrunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

grr

GRR Rapid Response: remote live forensics for incident response

icmp-transfertools

Transfer files to and from a Windows host via ICMP in restricted network environments.

ir_methodologies

Incident Response Methodologies 2022

kapedocs

Documentation repository

kapefiles

This repository serves as a place for community created Targets and Modules for use with KAPE.

kql

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

lawenforcementresources

Resources provided by the community that can serve to be useful for Law Enforcement worldwide

open-source-security-guide

Open Source Security Guide. Learn all about Security Standards, Frameworks, Threat Models, Encryption, and Benchmarks.

oscp

OSCP Guide

oscp-enumeration-cheat-sheet

A collection of commands and tools used for conducting enumeration during my OSCP journey

powerforensics

PowerForensics provides an all in one platform for live disk forensic analysis

pythoncrashcourse

Online resources for Python Crash Course (Second Edition), from No Starch Press

registry

Full featured, offline Registry parser in C#