Small and highly portable detection tests based on MITRE's ATT&CK.
updated at May 25, 2024, 5:37 p.m.
Collection of Event ID resources useful for Digital Forensics and Incident Response
updated at May 25, 2024, 3:37 p.m.
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
updated at May 25, 2024, 3:27 p.m.
Rapidly Search and Hunt through Windows Forensic Artefacts
updated at May 25, 2024, 2:50 p.m.
Sysmon configuration file template with default high-quality event tracing
updated at May 25, 2024, 12:07 p.m.
Malware Configuration And Payload Extraction
updated at May 25, 2024, 7:43 a.m.
This is the development tree. Production downloads are at:
updated at May 25, 2024, 12:15 a.m.
Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
updated at May 24, 2024, 10:23 p.m.
Digital Forensics artifact repository
updated at May 24, 2024, 7:53 p.m.
An information security preparedness tool to do adversarial simulation.
updated at May 24, 2024, 6:38 p.m.
A repository of sysmon configuration modules
updated at May 24, 2024, 5:46 p.m.