Add: matanolabs/matano to DFIR section

README.md

@@ -864,6 +864,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/MITRECND/malchive">MITRECND/malchive</a></td>
         <td>Various capabilities for static malware analysis.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/moyix/gpt-wpre">moyix/gpt-wpre</a></td>
+        <td>Whole-Program Reverse Engineering with GPT-3</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/mrphrazer/obfuscation_detection">mrphrazer/obfuscation_detection</a></td>
         <td>Collection of scripts to pinpoint obfuscated code</td>
@@ -1021,6 +1025,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/Azure/Stormspotter">Azure/Stormspotter</a></td>
         <td>Azure Red Team tool for graphing Azure and Azure Active Directory objects</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/AzureAD/Azure-AD-Incident-Response-PowerShell-Module">AzureAD/Azure-AD-Incident-Response-PowerShell-Module</a></td>
+        <td>The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/BishopFox/iam-vulnerable">BishopFox/iam-vulnerable</a></td>
         <td>Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.</td>
@@ -1053,6 +1061,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/cisagov/Sparrow">cisagov/Sparrow</a></td>
         <td>Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/cisagov/untitledgoosetool">cisagov/untitledgoosetool</a></td>
+        <td>Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/cloud-sniper/cloud-sniper">cloud-sniper/cloud-sniper</a></td>
         <td>Cloud Security Operations Orchestrator</td>
@@ -1336,8 +1348,8 @@ This repository is created as an online bookmark for useful links, resources and
         <td>Automatically decode encryptions without a key, decode encodings, and crack hashes</td>
     </tr>
     <tr>
-        <td><a href="https://github.com/corkami/pocs/">corkami/pocs</a></td>
-        <td>Proof of Concepts (PE, PDF...)</td>
+        <td><a href="https://github.com/Demonslay335/CryptoTester">Demonslay335/CryptoTester</a></td>
+        <td>A utility for playing with cryptography, geared towards ransomware analysis.</td>
     </tr>
     <tr>
         <td><a href="https://github.com/mpgn/BEAST-PoC">mpgn/BEAST-PoC</a></td>
@@ -1793,6 +1805,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/markbaggett/werejugo">markbaggett/werejugo</a></td>
         <td>Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/matanolabs/matano">matanolabs/matano</a></td>
+        <td>Open source cloud-native security lake platform (SIEM alternative) for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/microsoft/avml">microsoft/avml</a></td>
         <td>AVML - Acquire Volatile Memory for Linux</td>
@@ -2232,6 +2248,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><b>Link</b></td>
         <td><b>Description</b></td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/MaximeBeasse/KeyDecoder">MaximeBeasse/KeyDecoder</a></td>
+        <td>KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/Theldus/bread">Theldus/bread</a></td>
         <td>🍞 BREAD: BIOS Reverse Engineering & Advanced Debugging</td>
@@ -3662,6 +3682,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://mythx.io/">Mytx</a></td>
         <td>Smart contract security service for Ethereum</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/nascentxyz/pyrometer">nascentxyz/pyrometer</a></td>
+        <td>A tool for analyzing the security and parameters of a solidity smart contract</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/nccgroup/GOATCasino">nccgroup/GOATCasino</a></td>
         <td>This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.</td>