Welcome to the public repositories of APTA Technologies. Here you can find the following repositories.
A Velociraptor artifact that helps incident responders find malicious activities in Windows event logs faster. It assigns every log line a novelty score, indicating how surprising the event is. Loaded into a timeline viewer, this helps to gain a quick overview of relevant points in time. You'll find activities faster, and can correlate different services on the same or even different endpoints.
If you find this useful, you probably want to check out our own timeline viewer, specifically made to support incident responders digging through log data.
A GitHub Action to quickly identify differences in program execution traces.
Find out more on www.apta.tech.
You can follow us on @aptatech@infosec.exchange.