"GRR is a python agent (client) that is installed on target systems, and python server infrastructure that can manage and talk to the agent.'" ?github.com/google/grr
PSHunt is a Powershell Threat Hunting Module designed to scan remote endpoints* for indicators of compromise or survey them for more comprehensive information related to state of those systems (active processes, autostarts, configurations, and/or logs) ... Read More...
CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
FIDO is an orchestration layer used to automa ... Read More...
Collecting & Hunting for IOCs with gusto and style
A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities.
© 2020 Copyright 2020 | DFIR Training