"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
created at Oct. 5, 2017, 11:44 p.m.
CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
created at Jan. 30, 2016, 4:58 a.m.
An information security preparedness tool to do adversarial simulation.
created at Nov. 1, 2017, 9:24 p.m.
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
created at Sept. 18, 2020, 5:04 a.m.
This is the development tree. Production downloads are at:
created at April 3, 2012, 4:36 a.m.
A modern tool for Windows kernel exploration and tracing with a focus on security
created at March 25, 2016, 11:28 a.m.
Virtual Machine for Adversary Emulation and Threat Hunting
created at March 14, 2018, 7:31 p.m.
Digital Forensics artifact repository
created at Oct. 31, 2014, 7:13 p.m.
PagerDuty's Incident Response Documentation.
created at Nov. 28, 2016, 5:58 p.m.
Rapidly Search and Hunt through Windows Forensic Artefacts
created at Aug. 13, 2021, 1:07 p.m.
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
created at Dec. 26, 2020, 9:52 p.m.
Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
created at Oct. 13, 2014, 9:26 p.m.
A forensic evidence collection & analysis toolkit for OS X
created at Aug. 4, 2014, 6:25 p.m.
PowerForensics provides an all in one platform for live disk forensic analysis
created at March 7, 2015, 5:12 p.m.
OS X Auditor is a free Mac OS X computer forensics tool
created at June 19, 2013, 5:26 p.m.