dfir   874

"Windows logging Cheat Sheet", "Splunk Logging Cheat Sheet"
Windows  Security  Registry  Powershell  Forensics  SIEM  Splunk  ThreatHunting  DFIR  CheatSheet 
12 days ago by snkhan
RT : Look at what came in the mail today. Thanks to for teaching.
DFIR  from twitter
12 days ago by johnnysmart
giving an insight talk on malicious USB devices at Be careful what you p…
USB  malware  PFIC2018  DFIR  from twitter_favs
19 days ago by johnnysmart
Airtable - APT Groups and Operations
Explore the "APT Groups and Operations" base on Airtable.
APT  Malware  Cyber  DFIR  Reference 
24 days ago by snkhan
Best pCap Tools
monitoring: nload, iftop, jnettop, iptraf, nethogs, bmon, slurm, tcptrack, vnstat, bwm-ng, speedometer, pktstat, netwatch, trafshow, ifstat, dstat, collectl
capture: libpcap/tcpdump, ngrep, ttt, n2disk, pf_ring, jnetpcap,
analysis: tcpsplit, tcpflow, tcpreplay, tcpstat, tcpslice, tcpdpriv, pcap2har (to HTTP archive files), ntop, coralreef, xplot, multitail, netsniff-ng, ntopng
file extract: xplico, justniffer, networkminer, tcpxtract, foremost, dsniff, chaosreader, tcpick
pcap  networking  cybersecurity  monitoring  dfir  tools  software 
27 days ago by bwiese
GitHub - log2timeline/plaso: Super timeline all the things
RT : I had my first PR accepted into plaso, which adds extraction for Chrome autofill entries. First of many!

DFIR  from twitter
28 days ago by johnnysmart