Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Updated May 12, 2024 - Rust
A curated list of tools for incident response. With repository stars⭐ and forks🍴
Collection of acquisition scripts for collecting digital forensic artefacts
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Automation and Scaling of Digital Forensics Tools
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
IntelOwl: manage your Threat Intelligence at scale
Warning lists to inform users of MISP about potential false-positives or other information in indicators
Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
CLI tools for forensic investigation of Windows artifacts
Web browser forensics for Google Chrome/Chromium
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, Domain, ASN, DNS and Threat Indicator matches.
List of some cybersecurity conferences
A cross platform forensic parser written in Rust!
Forensic Artifacts Collecting Tool Set.