Thomas V. Fischer's repositories
ps-srum-hunting
PowerShell script to facilitate the processing of SRUM data for on-the-fly forensics and, if needed, threat hunting
gdpr-data-patterns-detection
A repository for personal information data patterns and detection for EU member states. These will be useful to understand how to best detect personal information in support of GDPR
dshield
DShield Raspberry Pi Sensor
ecs-mapping
Mapping Corelight or Zeek data to Elastic Common Schema fields
jupyterhub-samlauthenticator
jupyterhub-samlauthenticator
psgetsystem
getsystem via parent process using ps1 & embedded C#
sift-saltstack
Salt States for Configuring the SIFT Workstation
sysmon-config
Sysmon configuration file template with default high-quality event tracing
SysmonSimulator
Sysmon event simulation utility that simulates attacks to generate Sysmon event logs, so that Blue teams can test EDR detections and correlation rules.
which-reality
PHP code to determine which reality (Server OS and web app versions) the app is running in (yeah... it's a play on Rick and Morty)
WindowsDevTools
Windows UI development tools.