A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
updated at May 12, 2024, 10:41 a.m.
A toolset to make a system look as if it was the victim of an APT attack
updated at May 12, 2024, 4:22 a.m.
Volatility plugin for extracting configuration data of known malware
updated at May 12, 2024, 3:33 a.m.
A modern tool for Windows kernel exploration and tracing with a focus on security
updated at May 12, 2024, 3:07 a.m.
A curated list of awesome forensic analysis tools and resources
updated at May 12, 2024, 2:25 a.m.
Digital Forensics artifact repository
updated at May 12, 2024, 1:53 a.m.
Small and highly portable detection tests based on MITRE's ATT&CK.
updated at May 11, 2024, 11:17 p.m.
A repository of sysmon configuration modules
updated at May 11, 2024, 11:13 p.m.
An advanced memory forensics framework
updated at May 11, 2024, 9:42 p.m.
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
updated at May 11, 2024, 9:15 p.m.
Cuckoo Sandbox is an automated dynamic malware analysis system
updated at May 11, 2024, 9:13 p.m.
Virtual Machine for Adversary Emulation and Threat Hunting
updated at May 11, 2024, 5:25 p.m.