lbalback's starred repositories

Reverse-Engineering

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.

Language: Assembly | License: Apache-2.0 | Stargazers: 10878 | Issues: 293 | Issues: 9

Detect-It-Easy

Program for determining types of files for Windows, Linux and MacOS.

Language: JavaScript | License: MIT | Stargazers: 7157 | Issues: 170 | Issues: 132

flare-vm

A collection of software installation scripts for Windows systems that lets you easily set up and maintain a reverse engineering environment on a VM.

Language: PowerShell | License: Apache-2.0 | Stargazers: 6299 | Issues: 200 | Issues: 503

retoolkit

Reverse Engineer's Toolkit

Language: Inno Setup | License: Apache-2.0 | Stargazers: 4783 | Issues: 142 | Issues: 57

awesome-forensics

A curated list of awesome forensic analysis tools and resources

pygraphistry

PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer

Language: Python | License: BSD-3-Clause | Stargazers: 2111 | Issues: 50 | Issues: 311

PersistenceSniper

PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistence mechanisms implanted on Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte

Language: PowerShell | License: NOASSERTION | Stargazers: 1870 | Issues: 41 | Issues: 12

Sentinel-Queries

Collection of KQL queries

Noriben

Noriben - Portable, Simple, Malware Analysis Sandbox

Language: Python | License: NOASSERTION | Stargazers: 1095 | Issues: 90 | Issues: 45

malware-gems

A not so awesome list of malware gems for aspiring malware analysts

FalconFriday

Hunting queries and detections

Threat-Hunting-and-Detection

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).

Language: Jupyter Notebook | License: BSD-3-Clause | Stargazers: 591 | Issues: 28 | Issues: 4

Metrology-for-Hass

🎨 Give your Home Assistant a modern and clean facelift. 🟥🟧🟩🟦🟪 24 Variations with 2 Styles + 6 Colors (Magenta Red / Orange / Green / Blue / Purple) + 🌞 Light and 🌚 Dark modes included. Based on Metro and Fluent UI Design Systems from Microsoft Windows.

DFIRArtifactMuseum

The goal of this repo is to archive artifacts from all versions of various OSes and categorize them by type. This will help with artifact validation processes and increase access to artifacts that may no longer be readily available.

Language: HTML | License: MIT | Stargazers: 544 | Issues: 30 | Issues: 18

LSMS

Linux Security and Monitoring Scripts

Language: Python | License: MIT | Stargazers: 319 | Issues: 5 | Issues: 0

python-beginner-programming-exercises

Practice your Python programming skills with this interactive and auto-graded set of exercises.

Language: Python | License: NOASSERTION | Stargazers: 259 | Issues: 8 | Issues: 1

LearingMaterials

Different learning materials

CSIRT-Collect

PowerShell script to collect memory and (triage) disk forensics

Language: PowerShell | License: MIT | Stargazers: 199 | Issues: 0 | Issues: 0

TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts

The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportunity to write a chapter of a book to get their name out there, get a publication on their resume with an actual ISBN number, and ideally lower the bar for people to contribute something back to the DFIR Community. Want to write a chapter? Let me know and let's make it happen!

Language: Ruby | License: MIT | Stargazers: 189 | Issues: 18 | Issues: 49

merlin-agent

Post-exploitation agent for Merlin

Language: Go | License: GPL-3.0 | Stargazers: 175 | Issues: 11 | Issues: 32

tht

Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science

Language: Shell | License: MIT | Stargazers: 118 | Issues: 10 | Issues: 2

Recon-ng-modules

Additional modules for recon-ng

DFIRGlossary

A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms!

License: MIT | Stargazers: 25 | Issues: 1 | Issues: 0

irMempull

PowerShell Memory Pulling script

dc540-0x00005b

DC540 hacking challenge 0x00005b.

Language: Assembly | License: Apache-2.0 | Stargazers: 16 | Issues: 4 | Issues: 0

diskimage

Python library for easy handling of disk images

Language: Python | License: MIT | Stargazers: 12 | Issues: 0 | Issues: 0

blue-teaming-with-kql

Repository with Sample KQL Query examples for Threat Hunting

License: MIT | Stargazers: 8 | Issues: 0 | Issues: 0

Triage

Various Triage scripts

Language: Batchfile | License: MIT | Stargazers: 5 | Issues: 0 | Issues: 0

Intrusion_Response_Lab-app

Intrusion Response Lab application only

Stargazers: 4 | Issues: 0 | Issues: 0

Language: Jupyter Notebook | License: MIT | Stargazers: 4 | Issues: 4 | Issues: 0