Add: activecm/espy to DFIR section

pe3zx 2021-03-22 00:38:12 +07:00
parent 4a8ef6d703
commit a10eee2077


@ -1000,6 +1000,10 @@ This repository is created as an online bookmark for useful links, resources and
<td><a href="https://github.com/activecm/BeaKer">activecm/BeaKer</a></td>
<td>Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana</td>
</tr>
<tr>
<td><a href="https://github.com/activecm/espy/">activecm/espy/</a></td>
<td>Endpoint detection for remote hosts for consumption by RITA and Elasticsearch</td>
</tr>
<tr>
<td><a href="https://github.com/ahmedkhlief/APT-Hunter">ahmedkhlief/APT-Hunter</a></td>
<td>APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity</td>
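Review bot: The new row's link, on the line with `https://github.com/activecm/espy/`, carries a trailing slash in both the href and the link text (`activecm/espy/`), while the neighbouring rows use the bare `owner/repo` form (`activecm/BeaKer`, `ahmedkhlief/APT-Hunter`). Drop the slash from both so the entry matches the rest of the table and a search for the repository name matches it the same way as the other entries.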