r4gast's Stars
r4gast/blog
blog
LearningKijo/KQL
Threat hunting queries for Microsoft 365 Defender (XDR). Provides out-of-the-box KQL hunting queries for App, Email, Identity and Endpoint.
SigmaHQ/pySigma
Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
SigmaHQ/sigma
Main Sigma Rule Repository
bartblaze/Yara-rules
Collection of private Yara rules.
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
ashemery/malware-tools
A list of useful tools for Malware Analysis (will be updated regularly)
0xAnalyst/CB-Threat-Hunting
weslambert/velociraptor-docker
Docker image for Velocidex Velociraptor
dfir-iris/iris-web
Collaborative Incident Response platform
r4gast/cortex-xdr-client
A python-based API client for Cortex XDR API.
lawiet47/mobileiron-api
A python API for Mobile Iron Cloud
AbdulRhmanAlfaifi/Fennec
Artifact collection tool for *nix systems
WithSecureLabs/LinuxCatScale
Incident Response collection and processing scripts with automated reporting scripts
R3MRUM/PSDecode
PowerShell script for deobfuscating encoded PowerShell scripts
muteb/Hoarder
This script is made to collect the most valuable artifacts for forensics or incident response investigation rather than imaging the whole hard drive.
DFIRKuiper/Kuiper
Digital Forensics Investigation Platform
hasherezade/malware_training_vol1
Materials for Windows Malware Analysis training (volume 1)
TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform