Outil de triage automatisé de différents types de collectes d'artefacts.

Incident Response Methodologies 2022

Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance.

Guide journalisation Microsoft

ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit …

Outil de récupération automatique des données AZure / Automated tool for dumping Azure configuration data

Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert

Collaborative Incident Response platform

Algorithme d'apprentissage statistique permettant de créer un modèle sur les lignes de commandes des évènements "Création de Processus", afin de détecter des anomalies dans les évènements futurs

Graphical remote desktop solution

Active Directory delegation management tool

Formation DevOps ICA, mettre en oeuvre l'intégration continue

Détection d'anomalie à partir des journaux d'authentification Windows

RDP Bitmap Cache parser

Configurations for DFIR ORC

Documentation for DFIR ORC, artefact collection tool dedicated to Microsoft Windows

Forensics artefact collection tool for systems running Microsoft Windows

Active Directory Control Paths auditing and graphing tools

A boot record parser that identifies known good signatures for MBR, VBR and IPL.

Extract BITS jobs from QMGR queue and store them as CSV records