APT-Hunter
forensicsim
APT-Hunter | forensicsim | |
---|---|---|
4 | 1 | |
1,147 | 57 | |
- | - | |
4.7 | 9.0 | |
about 2 months ago | 3 months ago | |
Python | Python | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
APT-Hunter
- APT-Hunter: APT-Hunter is Threat Hunting tool for Windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
- ahmedkhlief/APT-Hunter: Threat Hunting tool for windows event logs
- ahmedkhlief/APT-Hunter - APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
- Release: APT-Hunter V1.1 Stable
forensicsim
-
3rd party app to read MS Teams?
I’ve used https://github.com/lxndrblz/forensicsim as a stand-alone and it worked well. Also works as an autopsy plugin but haven’t used it.
What are some alternatives?
mediator - An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
ccl_chrome_indexeddb - (Sometimes partial) Python re-implementations of the technologies involved in reading various data sources in Chrome-esque applications.
evtx-hunter - evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
teams-for-linux - Unofficial Microsoft Teams for Linux client
hashlookup-forensic-analyser - Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
teams-call - Shell script to detect when you're in a Microsoft Teams Call. Supports Linux and macOS.
RELY - RELY (Name composed on project members Romy, Esther, Lucille and Yassir) is a python tool developed to help a Digital Forensics Triage procedure on some Microsoft Windows devices.
GoodHound - Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
beagle - Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.