SecurityResearcher Note alternatives for AI agents.

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

PowerShell Digital Forensics & Incident Response Scripts.

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

FAME Automates Malware Evaluation

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

PagerDuty's Incident Response Documentation.

PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte

A collection of resources for Threat Hunters

Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes

Tools and Techniques for Blue Team / Incident Response

game of active directory

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity