DfirJos

DFIR stuff

Pinned Repositories

aws-tools-for-powershell
The AWS Tools for PowerShell lets developers and administrators manage their AWS services from the PowerShell scripting environment.
Language:C#00
CnC-detection
Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation
Language:Bro17 2 03
CVE-2019-19781
DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781
0 1 00
CyberThreatHunting
A collection of resources for Threat Hunters
Language:Python00
DNS-tracer
Tracing the source of internal DNS requests with Microsoft Event Trace Log (ETL) files
Language:PowerShell3 1 00
import-configurations
Import configurations for Firefly III
00
joy
A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
Language:C0 2 00
KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
0 0 00
Parse-and-Enrich
Language:Python0 1 00
sjosz-KAPE_mft
Logstash config that uploads CSV file containing parsed MFT with MFTEcmd
1 1 00

DfirJos's Repositories

DfirJos/CnC-detection
Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation
Language:Bro17 2 03
DfirJos/DNS-tracer
Tracing the source of internal DNS requests with Microsoft Event Trace Log (ETL) files
Language:PowerShell3 1 00
DfirJos/sjosz-KAPE_mft
Logstash config that uploads CSV file containing parsed MFT with MFTEcmd
1 1 00
DfirJos/aws-tools-for-powershell
The AWS Tools for PowerShell lets developers and administrators manage their AWS services from the PowerShell scripting environment.
Language:C#00
DfirJos/CVE-2019-19781
DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781
0 1 00
DfirJos/CyberThreatHunting
A collection of resources for Threat Hunters
Language:Python00
DfirJos/import-configurations
Import configurations for Firefly III
00
DfirJos/joy
A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
Language:C0 2 00
DfirJos/KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
0 0 00
DfirJos/Parse-and-Enrich
Language:Python0 1 00
DfirJos/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
0 0
DfirJos/openssh-portable
Portable OpenSSH, all Win32-OpenSSH releases and wiki are managed at https://github.com/powershell/Win32-OpenSSH
DfirJos/RECmd
Command line access to the Registry
DfirJos/RegistryPlugins
DfirJos/sysmon-config
Sysmon configuration file template with default high-quality event tracing
0 0
DfirJos/velociraptor
Digging Deeper....
Language:Go0 0
DfirJos/velociraptor-docs
Documentation site for Velociraptor
Language:HTML0 0

DfirJos

Pinned Repositories

aws-tools-for-powershell

CnC-detection

CVE-2019-19781

CyberThreatHunting

DNS-tracer

import-configurations

joy

KapeFiles

Parse-and-Enrich

sjosz-KAPE_mft

DfirJos's Repositories

DfirJos/CnC-detection

DfirJos/DNS-tracer

DfirJos/sjosz-KAPE_mft

DfirJos/aws-tools-for-powershell

DfirJos/CVE-2019-19781

DfirJos/CyberThreatHunting

DfirJos/import-configurations

DfirJos/joy

DfirJos/KapeFiles

DfirJos/Parse-and-Enrich

DfirJos/malleable-c2

DfirJos/openssh-portable

DfirJos/RECmd

DfirJos/RegistryPlugins

DfirJos/sysmon-config

DfirJos/velociraptor

DfirJos/velociraptor-docs