Overview Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one...

These repositories contain lists of various cybersecurity tools, resources, and libraries that are considered particularly useful or noteworthy by the community. They are a good starting point for ...

Overview Timelines are an important tool in incident response and digital forensics for understanding the sequence of events that have occurred on a computer system. They can be used to: Ident...

Overview If you’re a web developer, you’ve probably heard of Markdown. It’s a popular markup language that’s used to format text on the web. Whether you’re writing a blog post, creating documentat...

Overview Memory forensics is a branch of digital forensics that involves analyzing a computer’s memory dump (or RAM) to uncover evidence of cyber attacks, malicious activity, and other issues. It ...

Overview MrKaplan is a tool aimed to help red teamers stay hidden and clear as much forensic traces as possible. It works by saving information such as the time it ran, under which user and “rever...

Overview Volatility is the world’s most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of...

Overview An adversary exploits a weakness in authentication to create an access token (or equivalent) that impersonates a different entity, and then associates a process/thread to that that impers...

Overview When authenticating via LM or NTLM, an authenticating account’s plaintext credentials are not required by the protocols for successful authentication. Instead, the hashed credentials are ...

Overview Attacks leveraging trusted credentials typically result in the adversary laterally moving within the local network, since users are often allowed to login to systems/applications within t...