Search results for powershell dfir
42 search results found
Detectionlab (⭐ 4,394): Automate the creation of a lab environment complete with security tooling and logging best practices.
Sysmon Modular (⭐ 2,364): A repository of Sysmon configuration modules.
Blue Team Notes (⭐ 1,344): You didn't think I'd go and leave the blue team out, right?
Azurehunter (⭐ 626): A cloud forensics PowerShell module to run threat hunting playbooks on data from Azure and O365.
Wela (⭐ 494): WELA (Windows Event Log Analyzer): the Swiss Army knife for Windows event logs! ゑ羅(ウェラ)
Adtimeline (⭐ 398): Timeline of Active Directory changes with replication metadata.
Memprocfs Analyzer (⭐ 358): MemProcFS-Analyzer - automated forensic analysis of Windows memory dumps for DFIR.
Detectionlabelk (⭐ 299): DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk.
Threathunting Keywords (⭐ 252): Awesome list of keywords for threat hunting sessions.
Malwless (⭐ 244): Test blue team detections without running any attack.
Masterparser (⭐ 238): MasterParser is a DFIR tool designed for analyzing and parsing Linux logs.
Trawler (⭐ 224): PowerShell script to help incident responders discover potential adversary persistence mechanisms.
Dfir O365rc (⭐ 214): PowerShell module for Office 365 and Azure log collection.
Collect Memorydump (⭐ 186): Collect-MemoryDump - automated creation of Windows memory snapshots for DFIR.
Pypowershellxray (⭐ 184): Python script to decode common encoded PowerShell scripts.
Windowstimeline (⭐ 155): Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE).
Win10 (⭐ 149): Windows 10/11 related research.
Dfir4vsphere (⭐ 110): PowerShell module for VMware vSphere forensics.
Forensicminer (⭐ 98): DFIR automation for collecting and analyzing evidence, designed for cybersecurity professionals.
Ad Privileged Audit (⭐ 71): Provides various Windows Server Active Directory (AD) security-focused reports.
Threathunt (⭐ 70): ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Queries (⭐ 60): SQLite queries.
Power Response (⭐ 43): Powering up incident response with Power-Response.
Ossec Sysmon (⭐ 43): A ruleset to enhance the detection capabilities of OSSEC using Sysmon.
Scripting (⭐ 42): PowerShell / Bash / Python / other scripts, for fun!
Deobshell (⭐ 39): PowerShell script deobfuscation using the AST, in Python.
Pshero (⭐ 34): PowerShell 'Hero': scripts for DFIR and automation, with a PowerShell menu example.
Prefetch Browser (⭐ 32): Browse Windows Prefetch versions 17, 23, 26 and 30 (v1/v2), and some SuperFetch .7db/.db files.
Windowsdfir (⭐ 30): Repository for various Windows DFIR related commands, PowerShell cmdlets, etc., plus workshops that I did for different conferences or events.
Get Networkconnection (⭐ 29): Edited version of Lee Christensen's Get-NetworkConnection which includes a timestamp for each network connection.
Pstrace (⭐ 27): Trace ScriptBlock execution for PowerShell v2.
Evilize (⭐ 26): Parses Windows event log files based on the SANS poster.
Opensource Endpoint Monitoring (⭐ 21): This repository contains all the config files and scripts used for our Open Source Endpoint Monitoring project.
Forensicssetup (⭐ 19): An open source project that aims to replicate the Windows SIFT machine and the tools used in SANS courses, minus any payware.
Ir_scripts (⭐ 15): Incident response scripts.
Dfir Orc Config (⭐ 12): Configurations for DFIR ORC.
Azureforensics (⭐ 10)
Pcaparser (⭐ 7): A PowerShell script that can be used to parse, and convert to CSV, the new Windows 11 artifacts found in C:\Windows\appcompat\pca.
Get Minitimeline (⭐ 6): Get-MiniTimeline - triage collection and timeline generation with KAPE.
Forensic Artifact Automation (⭐ 6): A collection of PowerShell scripts designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing open-source tools such as KAPE (Kroll Artifact Parser and Extractor) to forensically acquire and process the artifacts used in compromise assessments. Additional scripts provide pre-processing automation and other supporting functions.
Invoke Bitsparser (⭐ 6): Sharing my BITS.
Presentations (⭐ 5): Archive of presentations shared with the DFIR community.
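Several entries above (Pypowershellxray, Deobshell, Pstrace) address one recurring DFIR task: recovering the script behind a `-EncodedCommand` launch seen in process-creation telemetry. The Python block below is an added example for this listing, not code from any of those projects or from this page. It assumes the layering most often met in practice: the outer switch carries base64 of UTF-16LE text, and the recovered loader typically hands a second base64 literal to `[Convert]::FromBase64String`, sometimes wrapped in a GzipStream or DeflateStream. The sample command line it decodes is constructed inside the block, and the switch spellings in `ENC_SWITCH` are the common abbreviations, not an exhaustive list.

```python
"""Peel layered PowerShell encodings from a captured command line.

Added example for this listing; it is not PyPowerShellXray's or Deobshell's
code. The sample command line at the bottom is constructed here, not a
real capture.
"""
import base64
import binascii
import gzip
import re
import zlib
from typing import List, Optional

# -e / -ec / -en / -enc / -EncodedCommand followed by a base64 argument.
# PowerShell accepts any unambiguous prefix of the switch; these spellings
# (assumed here) are the ones most often seen in Sysmon/4688 command lines.
ENC_SWITCH = re.compile(
    r"-(?:e|ec|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]{16,})", re.IGNORECASE
)
# Base64 literal handed to [Convert]::FromBase64String('...') inside a script.
FROM_B64 = re.compile(
    r"FromBase64String\(\s*['\"]([A-Za-z0-9+/=]{16,})['\"]\s*\)", re.IGNORECASE
)


def _b64decode(blob: str) -> Optional[bytes]:
    """Strict base64 decode; None on alphabet or padding errors."""
    try:
        return base64.b64decode(blob, validate=True)
    except (binascii.Error, ValueError):
        return None


def _inflate(data: bytes) -> Optional[bytes]:
    """Undo a GzipStream or DeflateStream layer, if one is present."""
    if data[:2] == b"\x1f\x8b":  # gzip magic
        try:
            return zlib.decompress(data, 16 + zlib.MAX_WBITS)
        except zlib.error:
            return None
    try:
        out = zlib.decompress(data, -zlib.MAX_WBITS)  # raw DEFLATE (DeflateStream)
        out.decode("utf-8")  # reject inflated garbage that is not text
        return out
    except (zlib.error, UnicodeDecodeError):
        return None


def decode_layers(command_line: str, max_depth: int = 8) -> List[str]:
    """Return each decoded layer, outermost first, until nothing more decodes.

    -EncodedCommand payloads are UTF-16LE by definition and never compressed;
    FromBase64String literals are usually UTF-8 text or a gzip/DEFLATE stream.
    max_depth bounds the loop so a self-referential sample cannot spin forever.
    """
    layers: List[str] = []
    current = command_line
    for _ in range(max_depth):
        match = ENC_SWITCH.search(current)
        if match:
            raw = _b64decode(match.group(1))
            text = raw.decode("utf-16-le", errors="replace") if raw else None
        else:
            match = FROM_B64.search(current)
            if not match:
                break
            raw = _b64decode(match.group(1))
            if raw is None:
                text = None
            else:
                inflated = _inflate(raw)
                text = (inflated if inflated is not None else raw).decode(
                    "utf-8", errors="replace"
                )
        if text is None:
            break  # malformed base64: stop rather than emit noise
        layers.append(text)
        current = text
    return layers


# --- constructed sample: stage-2 script -> gzip+base64 loader -> -Enc launch ---
INNER_SCRIPT = "Write-Host 'stage 2 reached'"
_gz_b64 = base64.b64encode(gzip.compress(INNER_SCRIPT.encode("utf-8"))).decode()
LOADER_SCRIPT = (
    "$s=New-Object IO.MemoryStream(,[Convert]::FromBase64String('" + _gz_b64 + "'));"
    "IEX (New-Object IO.StreamReader(New-Object IO.Compression.GzipStream($s,"
    "[IO.Compression.CompressionMode]::Decompress))).ReadToEnd()"
)
SAMPLE_COMMAND_LINE = "powershell.exe -NoP -W Hidden -Enc " + base64.b64encode(
    LOADER_SCRIPT.encode("utf-16-le")
).decode()

if __name__ == "__main__":
    for depth, layer in enumerate(decode_layers(SAMPLE_COMMAND_LINE), 1):
        print(f"--- layer {depth} ---\n{layer}")
```

Run as a script it prints the loader and then the stage-2 script. The loop stops on the first malformed base64 blob instead of guessing, and `max_depth` is there because real samples occasionally re-encode themselves; a decoder without a bound can loop on such input.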
Copyright 2018-2024 Awesome Open Source. All rights reserved.