IvorRankin's Pinned Repositories
ATTACK
MITRE ATT&CK Windows Logging Cheat Sheets
awesome-mitre-attack
A curated list of awesome resources related to Mitre ATT&CK™ Framework
dfirtriage
Digital forensic acquisition tool for Windows-based incident response.
ForensicPosters
Microsoft-365-Defender-Hunting-Queries
Sample queries for Advanced hunting in Microsoft 365 Defender
MITRE-D3FEND-Resources
A collection of tools & guides for the planning and implementation of MITRE D3FEND. This repository is independent research and is neither an official nor a sanctioned MITRE D3FEND resource.
RpcView
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
sof-elk
Configuration files for the SOF-ELK VM, used in SANS FOR572
SysinternalsEBPF
The Linux port of the Sysinternals Sysmon tool.