Sven Ulke's repositories
ansible_timesketch
Ansible Playbook for a production-ready deployment of the latest Timesketch head
covid19-yara-rules
YARA rule repository generated using yarGen from various OSINT sources to fight COVID-19 malware campaigns
forensic-bloom-filters
This repository holds Bloom filters that can be generated from various sources (NIST, MISP, etc.) for quick lookups of hash sums
thorlite2dfirtrack
Create DFIRTrack entries from THOR Lite scan reports
ansible-tdd-development
Testing a TDD approach for creating Ansible roles
appcompatprocessor
"Evolving AppCompat/AmCache data analysis beyond grep"
APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset, that detects APT movements hidden in the sea of Windows event logs to decrease the time needed to uncover suspicious activity
awesome-event-ids
Collection of Event ID resources useful for Digital Forensics and Incident Response
CAPEv2
Malware Configuration And Payload Extraction
connectors
OpenCTI connectors
covid19-malware-sample-utils
Utilities for the analysis and gathering of COVID-19 related malware samples
dfirtrack
DFIRTrack - The Incident Response Tracking Application
dfirtrack-api-python-client
A Python client library for accessing DFIRTrack's API using the OpenAPI standard
dfirtrackapi
A Go client library for accessing DFIRTrack's API using the OpenAPI standard
helper-scripts
Little helpers in various scripting languages
python-workshop
Files for programming exercises
Shuffle-apps
Apps to be used for Shuffle SOAR
signature-base
Signature base for my scanner tools
timesketch
Collaborative forensic timeline analysis
turbinia
Automation and Scaling of Digital Forensics Tools
udemy-recipe-app-api
Recipe app API source code
vagrant-cape
Vagrantfile that uses Ansible to deploy CAPE Sandbox together with KVM
vagrant_ansibe_testing
Vagrantfile that spins up an Ubuntu box and uses Ansible for deployment