Category: Forensics

RDP Honeypot

ad-honeypot-autodeploy: RDP Honeypot fully automatically

ad-honeypot-autodeploy Deploy a small, intentionally insecure, vulnerable Windows Domain for an RDP Honeypot fully automatically. Runs on self-hosted virtualization using libvirt with QEMU/KVM (but it can be customized easily for cloud-based solutions). Used for painlessly setting up a small...

AzureHunter

AzureHunter: Cloud Forensics Powershell module

AzureHunter A Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes. What is the UnifiedAuditLog? The unified audit log contains user, group, application, domain, and directory...

Altprobe

altprobe v1.0.2 releases: automation, continuous monitoring, orchestration, threat detection, and response

Altprobe The repository includes the Alertflex collector and installation scripts for security sensors (Suricata NIDS, Wazuh HIDS, Falco CRS). The Alertflex project is a cybersecurity solution for automation, continuous monitoring, orchestration, threat detection, and response. Alertflex...

gargamel

gargamel v1.1 releases: forensic evidence acquirer

Gargamel Right now, this app works only on Windows and the target computer must use Windows or Linux. Make sure to have the following programs in the same directory as Gargamel. psexec, download paexec,...