Python is an easy to understand, interpreted programming language that is commonly used across the cybersecurity community. Data Types Integers and Strings Integers are set without quotation and ...

The good folks at SANS Institute have put together and maintain a pre-configured collection of tools to assist DFIR analysts in their war against the cyber baddies. If you’ve taken one of SANS DFIR...

Overview Gathering information on target infrastructure, operations, and personnel. Reconnaissance consists of techniques that involve adversaries actively or passively gathering information that...

“Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network invento...

Overview PECmd is a command line tool developed by Eric Zimmerman, to process Prefetch files (.pf) on Windows operating systems, identifying items such as: Volume information Files and Direc...

Cybersecurity Risk and Risk Management Cybersecurity risk refers to the potential for harm to an organization’s assets, such as data, systems, and networks, as a result of cyber threats. Cyber thr...

Using any tools, tactics, or techniques mentioned in this repository on infrastructure that you do not own or do not have express permission to perform tasks on is strictly prohibited. Such acti...

Techniques that can be used to discover evidence in support of an assets physical location, network connectivity and web browser history post-breach. More useful in investigation relating to inside...

Techniques that can be used to discover evidence in support of lateral movement through a network using various techniques. Windows Remote Desktop Protocol (RDP) Usage Track RDP logins between re...

Techniques that can be used to discover evidence in support of an attackers interaction with files and folders such as search, deletion and opening post-breach. Windows XP Search (ACMRU) A wide v...