Pinned Repositories
Active_Directory_Advanced_Threat_Hunting
This repo is about Active Directory Advanced Threat Hunting
awesome-forensics
A curated list of awesome forensic analysis tools and resources
AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
blue-jupyter
Jupyter Notebooks for the Blue Team
dfis
Digital Forensic Investigative Scripts
ErebusGate
ErebusGate for Nim Bypass AV/EDR
forensic-artifact-automation
A collection of PowerShell scripts that are designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing open-source tools such as KAPE (Kroll Artifact Parser and Extractor) to forensically acquire and process the artifacts needed in compromise assessments. Additional scripts provide pre-processing automation ca
Havoc
The Havoc Framework
LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Mandiant-Azure-AD-Investigator
jason-yung's Repositories
jason-yung/Active_Directory_Advanced_Threat_Hunting
This repo is about Active Directory Advanced Threat Hunting
jason-yung/awesome-forensics
A curated list of awesome forensic analysis tools and resources
jason-yung/AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
jason-yung/blue-jupyter
Jupyter Notebooks for the Blue Team
jason-yung/dfis
Digital Forensic Investigative Scripts
jason-yung/ErebusGate
ErebusGate for Nim Bypass AV/EDR
jason-yung/forensic-artifact-automation
A collection of PowerShell scripts that are designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing open-source tools such as KAPE (Kroll Artifact Parser and Extractor) to forensically acquire and process the artifacts needed in compromise assessments. Additional scripts provide pre-processing automation ca
jason-yung/Havoc
The Havoc Framework
jason-yung/LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
jason-yung/Mandiant-Azure-AD-Investigator
jason-yung/toolkit
A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
jason-yung/WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
jason-yung/windows-kernel-exploits
windows-kernel-exploits: a collection of Windows platform privilege escalation vulnerabilities