SANS FOR508 2016
Magnet link / BT torrent name
SANS FOR508 2016
Magnet link / BT torrent summary
Torrent hash: ef9ee1ce583e8049e7960aa6d68f43d9960ace52
File size: 91.79G
Downloaded: 109 times
Download speed: very fast
Indexed: 2022-04-30
Last downloaded: 2024-11-03
Magnet link download
magnet:?xt=urn:btih:EF9EE1CE583E8049E7960AA6D68F43D9960ACE52
File list
FOR508-USB/SIFT-Lab-Install/SIFT/SIFT 3 - FOR508.zip
18.5 GB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-c-drive/win2008R2-controller-c-drive.E01
14.4 GB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-c-drive/win7-64-nfury-c-drive.E01
12.0 GB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/win7-32-nromanoff-c-drive.E01
9.7 GB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/win7-32-nromanoff-c-drive.E01
9.7 GB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/xp-tdungan-c-drive.E01
7.0 GB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-memory/win2008R2-controller-memory-raw.001
2.7 GB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-memory/xp-tdungan-memory-raw.001
2.1 GB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-memory/win7-64-nfury-memory-raw.001
2.1 GB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/win7-32-nromanoff-memory-raw.001
2.1 GB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/win7-32-nromanoff-memory-raw.001
2.1 GB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-memory/baseline-memory/XPSP3x86-baseline.img
2.1 GB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/baseline-memory/Win7SP1x86-baseline.img
2.1 GB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/baseline-memory/Win7SP1x86-baseline.img
2.1 GB
FOR508-USB/example-memory-images/xp_tdungan_live_audit.mans
715.0 MB
FOR508-USB/SIFT-Lab-Install/VMware/VMware-workstation-full-10.0.4-2249910.exe
515.0 MB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-memory/win2008DC-Memory.mans
454.8 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32processes-memory.60040847.xml
423.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/bulk-extractor/bulk-extractor-output.zip
315.2 MB
FOR508-USB/example-memory-images/storm_worm.mans
295.3 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32apifiles.111f277c.xml
263.6 MB
FOR508-USB/example-memory-images/nromanoff.mans
244.3 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/nromanoff.mans
244.3 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/nromanoff.mans
244.3 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/FOR408-Tools.zip
242.9 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/dotnetfx35_FULL.exe
242.7 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32registryapi.727d315d.xml
241.0 MB
FOR508-USB/SIFT-Lab-Install/DATA-FOR-FINAL-DAY.zip
223.8 MB
FOR508-USB/example-memory-images/sobig.zip
177.4 MB
FOR508-USB/example-memory-images/stuxnet.zip
175.9 MB
FOR508-USB/example-memory-images/APT.zip
174.8 MB
508.3-4.1.pdf
155.9 MB
508.2.1.pdf
135.0 MB
508.workbook.3.pdf
134.5 MB
508.3-4.2.pdf
133.4 MB
FOR508-USB/example-memory-images/conficker.zip
128.0 MB
508.1.pdf
115.3 MB
508.5.1.pdf
113.3 MB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-memory/win7-nfury-memory.mans
108.7 MB
508.workbook.2.pdf
106.6 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/xp-tdungan-plaso.dump
100.7 MB
FOR508-USB/SIFT-Lab-Install/VMware/VMware-player-6.0.3-1895310.exe
98.9 MB
508.5.2.pdf
98.2 MB
FOR508-USB/example-memory-images/xp_tdungan.mans
93.8 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-memory/xp_tdungan.mans
93.8 MB
FOR508-USB/example-memory-images/TDSS.zip
93.3 MB
508.workbook.1.pdf
91.7 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/xp_tdungan.mans
91.3 MB
FOR508-USB/example-memory-images/storm_worm.zip
74.0 MB
508.2.2.pdf
73.6 MB
FOR508-USB/example-memory-images/APT.mans
73.5 MB
FOR508-USB/example-memory-images/stuxnet.mans
71.8 MB
FOR508-USB/SIFT-Lab-Install/Redline/Redline-1.14.msi
70.2 MB
FOR508-USB/SIFT-Lab-Install/Redline/DOTNET/dotNetFx4.5_Full.exe
70.0 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/dotNetFx4.5_Full.exe
70.0 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/DOTNET/dotNetFx4.5_Full.exe
70.0 MB
FOR508-USB/SIFT-Lab-Install/Redline/Redline-Older-Versions/Redline-1.12.msi
69.5 MB
FOR508-USB/SIFT-Lab-Install/Redline/Redline-Older-Versions/Redline-1.13.msi
68.2 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/plaso.dump
64.9 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/win7-32-nromanoff-plaso.dump
64.9 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/plaso.dump
64.9 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/win7-32-nromanoff-plaso.dump
64.9 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32systemrestore.05361a50.xml
59.6 MB
FOR508-USB/SIFT-Lab-Install/Redline/m-whitelist-1.0.txt
57.3 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/m-whitelist-1.0.txt
57.3 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/m-whitelist-1.0.txt
57.3 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/m-whitelist-1.0.txt
57.3 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/win7-32-nromanoff-bodyfile
54.8 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/win7-32-nromanoff-bodyfile
54.8 MB
FOR508-USB/example-memory-images/sobig.mans
53.9 MB
FOR508-USB/SIFT-Lab-Install/Redline/DOTNET/dotNetFx40_Full_x86_x64.exe
50.4 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/dotNetFx40_Full_x86_x64.exe
50.4 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/DOTNET/dotNetFx40_Full_x86_x64.exe
50.4 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/plaso.csv
42.6 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/plaso.csv
42.6 MB
FOR508-USB/example-memory-images/zeus.zip
42.4 MB
FOR508-USB/example-memory-images/black_energy.zip
41.7 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/RegistryExplorer.exe
40.7 MB
FOR508-USB/example-memory-images/zeus.mans
39.8 MB
FOR508-USB/example-memory-images/black_energy.mans
37.8 MB
FOR508-USB/example-memory-images/conficker.mans
35.6 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/plaso.csv
32.5 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/supertimeline.csv
31.5 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/supertimeline.csv
31.5 MB
FOR508-USB/example-memory-images/TDSS.mans
29.5 MB
FOR508-USB/SIFT-Lab-Install/Timeline Explorer/TimelineExplorer.exe
28.4 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/timeline.csv
26.1 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/volume-shadow/vss-supertimeline.xlsx
23.7 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/volume-shadow/vss-supertimeline.xlsx
23.7 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32scripting-persistence.35320a21.xml
19.5 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32eventlogs.617a4e0f.xml
17.8 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/ANJPv3.11.07_FE.exe
17.7 MB
FOR508-USB/SIFT-Lab-Install/F-Response-Enterprise/F-ResponseEnterprise.exe
16.1 MB
FOR508-USB-B/win7-64-nfury-10.3.58.6/NFURY-FINAL-TIMELINE.xlsx
12.9 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/sleuthkit-4.3.0-win32.zip
12.3 MB
FOR508-USB/documents/Windows 10 Security Auditing and Monitoring Reference.docx
9.9 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/XP-TDUNGAN-TIMELINE-FINAL.xlsx
9.6 MB
FOR508-USB/SIFT-Lab-Install/Redline/User-Guide-redline.pdf
9.1 MB
FOR508-USB/SIFT-Lab-Install/Redline/Redline-Older-Versions/Redline1.13_UserGuide.pdf
7.8 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/WIN7-NROMANOFF-TIMELINE-FINAL.xlsx
7.1 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/WIN7-NROMANOFF-TIMELINE-FINAL.xlsx
7.1 MB
FOR508-USB/documents/Threat Intelligence Reports/2013-Mandiant_APT1_Report.pdf
6.8 MB
FOR508-USB/documents/Threat Intelligence Reports/Mandiant_APT1_Report.pdf
6.8 MB
FOR508-USB/documents/Threat Intelligence Reports/rpt-poison-ivy.pdf
6.1 MB
FOR508-USB/documents/Linux-and -VMware-How-To.pdf
5.7 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/XP-TDUNGAN-TIMELINE-FINAL.xlsx
5.6 MB
FOR508-USB/SIFT-Lab-Install/Event Log Explorer/elex_setup.exe
5.0 MB
FOR508-USB/documents/Threat Intelligence Reports/CyberIntrusionCasebook.pdf
4.9 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/RegistryExplorerManual.pdf
4.7 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Emailtime 2013-04-09.zip
4.5 MB
FOR508-USB/documents/Threat Intelligence Reports/2015-Equation_group_questions_and_answers.pdf
4.2 MB
FOR508-USB/documents/Evidence-Of-Poster.pdf
3.9 MB
FOR508-USB/documents/SANS-DFIR-CATALOG.pdf
3.7 MB
FOR508-USB/documents/Threat Intelligence Reports/h12756-wp-shell-crew.pdf
3.6 MB
FOR508-USB/documents/Windows Artifacts Dissected by Mike Murr.pdf
3.6 MB
FOR508-USB/documents/Memory-Forensics-Poster.pdf
3.5 MB
FOR508-USB/documents/Threat Intelligence Reports/PlugX-DLL-Sideloading.pdf
3.4 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/nromanoff-mactime-timeline.csv
3.1 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/nromanoff-mactime-timeline.csv
3.1 MB
FOR508-USB/documents/Threat Intelligence Reports/CrowdStrike_Global_Threat_Report_2014.pdf
3.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.xlsx
3.0 MB
FOR508-USB/documents/Threat Intelligence Reports/CrowdStrike_Global_Threat_Report_2015.pdf
3.0 MB
FOR508-USB/documents/Threat Intelligence Reports/2014-Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf
2.9 MB
FOR508-USB/documents/Examining Shadows Volumes in a Raw Image.pdf
2.6 MB
FOR508-USB/documents/Threat Intelligence Reports/FireEye-APT-Handbook.pdf
2.5 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/fls.zip
2.4 MB
FOR508-USB/documents/Threat Intelligence Reports/M-TRENDS-2015.pdf
2.3 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Mandiant IOCe.msi
2.2 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/timeliner.body
2.1 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/timeliner.body
2.1 MB
FOR508-USB/documents/Threat Intelligence Reports/2015-NORSE_JIB_IRAN_011_JANUARY_27_2015.pdf
2.0 MB
FOR508-USB/documents/Poster_Find_Evil.pdf
1.9 MB
FOR508-USB/documents/Threat Intelligence Reports/fireeye-operation-saffron-rose.pdf
1.9 MB
poster_2014_find_evil.pdf
1.9 MB
FOR508-USB/documents/Threat Intelligence Reports/ICIT-Brief-Know-Your-Enemies-2.0.pdf
1.7 MB
FOR508-USB/documents/Threat Intelligence Reports/2015-Project2049-Stokes_PLA_General_Staff_Department_Unit_61398.pdf
1.6 MB
FOR508-USB/documents/Threat Intelligence Reports/2011-Project2049-PLA third department_sigint cyber stokes lin hsiao.pdf
1.5 MB
FOR508-USB/documents/Threat Intelligence Reports/wp-windows-management-instrumentation.pdf
1.5 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/LogParser.msi
1.5 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32drivers-signature.480a2813.xml
1.4 MB
FOR508-USB/SIFT-Lab-Install/7zip/7zip-64bit.msi
1.4 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Autoruns.zip
1.3 MB
FOR508-USB/documents/Additional Windows Logs Firewall and IIS Logs.pdf
1.3 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.zip
1.2 MB
FOR508-USB/documents/Cyber Threat Intelligence IOCs/apt1-stix-1.2.zip
1.2 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/nromanoff-mactime-timeline-final.csv
1.2 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/nromanoff-mactime-timeline-final.csv
1.2 MB
FOR508-USB/SIFT-Lab-Install/7zip/7zip-32bit.msi
1.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/hashes/WinXPSP3x86.txt
1.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/timeliner.body
1.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/volatility/timeliner.body
1.1 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/RECmd/RECmd.exe
1.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.cookiehistory.34173157.xml
906.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/PECmd.exe
871.4 kB
FOR508-USB/documents/Detecting-security-incidents-windows-workstation-event-logs.pdf
836.5 kB
FOR508-USB/documents/Windows Logging Cheat Sheet v1.1.pdf
780.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/autorunner.v0.0.9.zip
767.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32prefetch.4d2a5d1e.xml
715.2 kB
FOR508-USB/documents/Mounting Images for Analysis.pdf
705.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/AmcacheParser.exe
696.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.urlhistory.45562413.xml
689.3 kB
FOR508-USB/SIFT-Lab-Install/F-Response-Enterprise/fresponselm-accel-lin_5.0.3_amd64.deb
633.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/autorunsc.exe
629.4 kB
FOR508-USB/documents/Cyber Threat Intelligence IOCs/poison_ivy-stix-1.2.zip
627.9 kB
FOR508-USB/documents/Threat-Hunting-Links.xlsx
610.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/procdump.exe
591.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.xlsx
566.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.xlsx
566.3 kB
FOR508-USB/documents/rekall-memory-forensics-cheatsheet.pdf
565.3 kB
FOR508-USB/documents/Remediating-Intrusions.pdf
560.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/Handle.exe
536.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/PEid-Signatues/userdb.txt
490.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/PEid-Signatues/userdb.txt
490.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/PEid-Signatues/userdb.txt
490.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/fls.exe
489.0 kB
FOR508-USB/documents/FAT Filesystem.pdf
426.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Procdump.zip
411.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/volatility/zeus-apihooks.txt
383.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/volatility/zeus-apihooks.txt
383.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/volatility/zeus-apihooks.txt
383.0 kB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-incident-response/autoruns-win7-64-nfury.csv
374.5 kB
FOR508-USB/documents/Mount using iSCSI Reusable Connection.pdf
370.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/sigcheck.exe
369.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/openioc1-0.zip
339.7 kB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-incident-response/autoruns-controller.csv
322.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-incident-response/autoruns-win7-32-nromanoff.csv
311.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-incident-response/autoruns-win7-32-nromanoff.csv
311.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/ZoomIt.zip
303.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32services.2b217c3a.xml
298.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/prefetch_hashes_lookup.zip
293.7 kB
FOR508-USB/documents/Threat Intelligence Reports/Dissecting the Tactics & Techniques of an Adversary.pdf
288.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32kernel-hookdetection.1b6f5266.xml
266.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.zip
243.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.zip
243.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/autoruns-xp-tdungan.csv
232.7 kB
FOR508-USB/documents/Cyber Threat Intelligence IOCs/APT1 - IOCS.zip
209.2 kB
FOR508-USB/documents/Windows 7 and Windows Server 2008 R2 Security Event Descriptions.xls
207.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master.zip
158.8 kB
FOR508-USB/documents/SIFT WORKSTATION CHEAT SHEET 3.1.pdf
137.9 kB
FOR508-USB/documents/For508_HANDOUT_MemFor_v1_3.pdf
112.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/BatchResults.xml
104.7 kB
FOR508-USB/VERSION-FOR508-17-2A.txt
95.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/SDelete.zip
82.7 kB
FOR508-USB/documents/Threat Intelligence Reports/2006-iDefense-NCPH Hacking Team and Word 0-days.pdf
76.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/SkyipotWyksol-Trojan.ioc
75.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT30/eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc
70.9 kB
FOR508-USB/documents/Forensic Log Parsing with Microsoft's LogParser.pdf
69.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Operation-Troy.ioc
69.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc
60.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/baa24c6a-a223-4919-b3e5-08c4809e434d.ioc
60.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_ce405547a0e213f1c53b55f05e5592617297df37_operation windigo.ioc
59.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/timestomp.exe
57.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32drivers-modulelist.2448051b.xml
52.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/kansa.ps1
49.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/NetTraveler.ioc
48.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-MasterFileTable.ps1
46.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.LastVisitedPidlMRU.dll
43.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.OpenSavePidlMRU.dll
43.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Resolve-WindowsGUID.ps1
42.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Flamer-Framework.ioc
40.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Operation-Red-October.ioc
40.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB-B/VERSION-FOR508-17-2B.TXT
33.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Timestomp-GUI.exe
33.3 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.formhistory.2446280a.xml
29.9 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/de99badf-b448-49e7-885a-4d8688ddf02d.ioc
29.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_08441c5d5f339359e526d6705465c30777092bda_xtreme rat.ioc
25.9 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/de99badf-b448-49e7-885a-4d8688ddf02d.ioc
24.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Icefrog-APT.ioc
23.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Gh0st-RAT.ioc
22.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB/SIFT-Lab-Install/Timeline Explorer/superTimeline.layout
20.9 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/6037663c-680c-4a28-ad58-40622d206e1d.ioc
19.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-LogUserAssist.ps1
17.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/AppCompatCache/AppCompatCache.dll
16.4 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Ramnit.ioc
16.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_cdf7e4a7735d2505bd5c75ca5c23b50f57664ec2_ramnit rootkit.ioc
16.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/6037663c-680c-4a28-ad58-40622d206e1d.ioc
16.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/e1cbf7ca-4938-4d3c-a7e6-3ff966516191.ioc
13.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.RecentDocs.dll
12.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/4fdb0f45-8151-4941-a9e1-a31e21000659.ioc
11.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/LICENSE
11.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/LICENSE
11.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.SAM.dll
11.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.Ares.dll
11.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32ports.715a275c.xml
11.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/6bb9ce5b-94c1-4733-8bb8-dc5be775b190.ioc
11.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/e1cbf7ca-4938-4d3c-a7e6-3ff966516191.ioc
10.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-FilesByHashes.ps1
10.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_4610c2e6f08fa7f2a29d219e8b3fdcaa5279168e_deep panda chinese apt.ioc
10.4 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-FileHashes.ps1
10.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.TimeZoneInformation.dll
10.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_13e5d0358dcecb0fc1fbb8b236990c0ae9572ec3_webc2-qbp (family).ioc
10.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32hivelist.3a064c04.xml
10.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Disabled-Sysadmin-Tools.ioc
10.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-FilesByHash.ps1
10.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-FileHashes.ps1
9.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT3/db0b6ac6-874a-498e-892b-ac7c2020e061.ioc
9.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.FileExts.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.LastVisitedMRU.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.FirstFolder.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.OpenSaveMRU.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/AppCompatCache/RegistryPlugin.AppCompatCache.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Get-LogparserStack.ps1
9.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/4fdb0f45-8151-4941-a9e1-a31e21000659.ioc
9.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.OfficeMRU.dll
9.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/6bb9ce5b-94c1-4733-8bb8-dc5be775b190.ioc
9.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/9a7a6929-25ea-4254-a300-13fd6b39c490.ioc
9.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT12/2384c8ce-6eca-4d06-8aa4-151b53d9a6bc.ioc
8.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.CIDSizeMRU.dll
8.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.RunMRU.dll
8.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.UserAssist.dll
8.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.7-ZipHistory.dll
8.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT17/7b9e87c5-b619-4a13-b862-0145614d359a.ioc
8.1 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB/SIFT-Lab-Install/Timeline Explorer/macTimeline.layout
7.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/db0b6ac6-874a-498e-892b-ac7c2020e061.ioc
7.9 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/5a8d6878-2649-4ddc-a1f6-c98932a54f91.ioc
7.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/ZeroAccessSiref.P.ioc
7.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/9a7a6929-25ea-4254-a300-13fd6b39c490.ioc
7.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/2384c8ce-6eca-4d06-8aa4-151b53d9a6bc.ioc
6.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32tasks.00414040.xml
6.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-AutorunscDeep.ps1
6.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_eb666b9fdb964500f9a67f45935c8ccee3d99a3a_duqu kaspersky.ioc
6.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/7b9e87c5-b619-4a13-b862-0145614d359a.ioc
6.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/wmic_lr_remote.cmd
6.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_4f8622cf3eaa9056fb5fc841b5e1297329b944ee_kronos banking trojan.ioc
6.1 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/5a8d6878-2649-4ddc-a1f6-c98932a54f91.ioc
6.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32useraccounts.263b7301.xml
6.0 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/113e561e-60d2-48db-979d-02f207550125.ioc
5.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/wmic_lr.zip
5.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/wmic_lr_local.cmd
5.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/volatility/xp-tdungan-apihooks.txt
5.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Deserialize-KansaField.ps1
5.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/0ff58bf9-1c07-42f6-b135-b18c139f631a.ioc
5.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/b513e829-b023-426a-b7d4-accd511be3c0.ioc
5.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/FIN4/fb0699e2-23a6-40f9-bf96-4514d629eec3.ioc
5.0 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-DNSCache.ps1
4.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/113e561e-60d2-48db-979d-02f207550125.ioc
4.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/548cfc54-42b9-48c6-a753-02e74246699b.ioc
4.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/e598231d-8584-4535-a0de-94e822f04c0b.ioc
4.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/default-template.ps1
4.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/disk/Get-WebrootListingEntropyOutliers.ps1
4.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Batchwiper.ioc
4.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-PSProfiles.ps1
4.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-Netstat.ps1
4.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/filter_windows.txt
4.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/filter_windows.txt
4.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/filter_windows.txt
4.0 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/b513e829-b023-426a-b7d4-accd511be3c0.ioc
3.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/fb0699e2-23a6-40f9-bf96-4514d629eec3.ioc
3.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-IOCsByPath.ps1
3.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/0ff58bf9-1c07-42f6-b135-b18c139f631a.ioc
3.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32network-route.33247828.xml
3.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT3/62f65dae-9475-44b0-a9eb-c1baebbd9885.ioc
3.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-WebrootListing.ps1
3.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/68505678-f820-48c5-9d13-fa0b3b8be190.ioc
3.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/README.md
3.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/GeorBot.ioc
3.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-WMIRecentApps.ps1
3.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/WMIC-README.txt
3.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-RdpConnectionLogs.ps1
3.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-SvcTrigs.ps1
3.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/e598231d-8584-4535-a0de-94e822f04c0b.ioc
3.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/MSLimitedPublicLicense.txt
3.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/60a6de64-7308-4af1-9003-dc23a73fdf01.ioc
3.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT18/0ae061d7-c624-4a84-8adf-00281b97797b.ioc
3.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/bdf7929c-3f0b-4fdd-bcc5-b4a82554ad92.ioc
3.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-File.ps1
2.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-ProcsNModules.ps1
2.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-ProcDump.ps1
2.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Modules.conf
2.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/a438caeb-96dd-4225-853c-fc5910980961.ioc
2.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/0b879284-0c37-4bfa-9dd8-34505a9c5175.ioc
2.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-Handle.ps1
2.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-ProcsWMI.ps1
2.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/config/Get-AMHealthStatusStack.ps1
2.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/windows-tags.txt
2.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-GPResult.ps1
2.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/a6c6dbf0-d72a-4f07-8b11-55527aef4755.ioc
2.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/contributing.md
2.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32network-dns.64125a55.xml
2.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-SvcFail.ps1
2.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-SharePermissions.ps1
2.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/60a6de64-7308-4af1-9003-dc23a73fdf01.ioc
2.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32system.09214d4d.xml
2.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/0ae061d7-c624-4a84-8adf-00281b97797b.ioc
2.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/bdf7929c-3f0b-4fdd-bcc5-b4a82554ad92.ioc
2.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/IOC/Get-Loki.ps1
2.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/README.MD
1.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_031920b99a51bae014d6f882c48fa594ccf99d61_apt 28 russia cyber espionage oldbait.ioc
1.9 kB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-c-drive/win2008R2-controller-c-drive.E01.txt
1.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32disks.2427162a.xml
1.9 kB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-c-drive/win7-64-nfury-c-drive.E01.txt
1.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/xp-tdungan-c-drive.E01.txt
1.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-SigCheckRandomPath.ps1
1.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-Autorunsc.ps1
1.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Analysis.conf
1.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/0b879284-0c37-4bfa-9dd8-34505a9c5175.ioc
1.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatForeign16sStack.ps1
1.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatByProtoForeignIpStateComponentProcessStack.ps1
1.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-FlsBodyfile.ps1
1.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatForeign24sStack.ps1
1.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatStack.ps1
1.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatForeignIpPortProcesStack.ps1
1.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/meta/Get-FileLengths.ps1
1.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-OfficeMRU.ps1
1.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/win7-32-nromanoff-memory-raw.txt
1.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/win7-32-nromanoff-memory-raw.txt
1.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatForeignIpProcess.ps1
1.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/config/Get-AMInfectionStatus.ps1
1.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32network-arp.1c4d1932.xml
1.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32volumes.6a174b23.xml
1.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-ClrVersion.ps1
1.4 kB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-memory/win2008R2-controller-memory-raw.001.txt
1.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/a6c6dbf0-d72a-4f07-8b11-55527aef4755.ioc
1.3 kB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-memory/win7-64-nfury-memory-raw.001.txt
1.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-memory/xp-tdungan-memory-raw.txt
1.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-WMIIETelemetry.ps1
1.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/ToDo
1.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-RekalPslist.ps1
1.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcAllStack.ps1
1.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-PrefetchFiles.ps1
1.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-Arp.ps1
1.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringMD5UnsignedTimeStack.ps1
1.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcFailStack.ps1
1.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringMD5UnsignedStack.ps1
1.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMITempExePath.ps1
1.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-PSDotNetVersion.ps1
1.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatListenerStack.ps1
985 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/HTTPPUMP.txt
981 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringUnsignedStack.ps1
945 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcFailAllStack.ps1
944 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringPublisherStack.ps1
928 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcStartNameStack.ps1
904 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringStack.ps1
876 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringMD5Stack.ps1
865 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-IIS.ps1
862 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcTrigStack.ps1
839 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/RECmd/NLog.config
837 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatDistinctLocal16IPv4.ps1
835 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-PrefetchListing.ps1
813 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatDistinctLocal24.ps1
794 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcFailCmdLineStack.ps1
791 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-LogWinEvent.ps1
777 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/log/Get-LogUserAssistValueByDate.ps1
775 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/FIN4/MACROCHECK.yara
761 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-PrefetchListingLastWriteTime.ps1
761 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Terminal Server_bc0da746-e8c5-465a-a70f-2779e7c914de
755 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMISortByCreationDate.ps1
735 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-LogOpenSavePidlMRU.ps1
731 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/operation_poisoned_handover.yara
728 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-PrefetchListingStack.ps1
721 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/log/Get-LogUserAssistValueStack.ps1
715 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMICLIMD5Stack.ps1
715 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Image File Execution Options_59ddbb92-609a-44e8-9bb7-e1f5b797e397
710 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-AMInfectionStatus.ps1
696 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-HandleProcessOwnerStack.ps1
692 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-ARPStack.ps1
685 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/config/Get-LocalAdminStack.ps1
674 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMIProcessNameStack.ps1
636 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-DNSCacheStack.ps1
634 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMICmdlineStack.ps1
632 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-Tasklistv.ps1
613 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMIPath.ps1
608 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-AMHealthStatus.ps1
602 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/meta/Get-AllFileLengths.ps1
599 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-WMIEvtFilter.ps1
589 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-Hotfix.ps1
574 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-ImagePathExecutionOptions.ps1
573 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT3/README.md
563 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Windows_d73fc227-8ea3-45e8-ac69-041a06a6c629
562 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-Prox.ps1
531 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-DiskUsage.ps1
516 Bytes
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/mbr/mbr.001
512 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-Sigcheck.ps1
496 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-WMIEvtConsumer.ps1
495 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-TempDirListing.ps1
489 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_TimeZoneInformation_e16fbaa9-172c-4501-a55d-0cb4adb02cac
483 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-CertStore.ps1
480 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Storage_System_{10497b1b-ba51-44e5-8318-a65c837b6661}_9fe29ea5-44f1-4d92-82a0-d6b1fb84ee34
475 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-LogCBS.ps1
464 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_CrashControl_a4d38e6e-fa6e-4ceb-8a1f-b7b2f25bf573
447 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_EMDMgmt_5c905164-7055-4422-a141-f8539d5ef4fe
426 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProxSystemStartTime.ps1
411 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_System_AppCompatCache_f1adf410-8700-4a83-bc2e-f53cededc03d
411 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_{6bdd1fc6-810f-11d0-bec7-08002be2092f}_80aafc9b-f28d-41a8-929c-6c016c4b5bc0
404 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-LocalAdmins.ps1
401 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_dcda86771553fa54820b22099277599cb479f702_mattulm.yara
387 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_FilesNotToSnapshot_af3e091f-8598-43e1-9e19-39c1352a72ea
378 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_CurrentVersion_3d9483dc-d89c-423a-ae83-a57405d6a752
373 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_MountPoints2_28014255-7733-4398-a859-dd76642a19c7
363 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_PrefetchParameters_0f9651f6-3aa8-4bac-89aa-e57a73744ee2
362 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Channels_8ab43ae7-05ce-4c41-9c70-f77df5317e67
359 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT12/README.md
353 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Control Panel_7e993a1a-b5af-4247-8b34-6bbe13eb7f3c
352 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT17/README.md
350 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_UserAssist_660a4ade-592f-4c64-bd85-8241378d0839
350 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_FileExts_03427bd9-675f-4564-9d7b-058e797a7cb6
348 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-SvcAll.ps1
344 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_System_FirewallPolicy_6701136a-ccfb-476e-af28-d58543636ba4
343 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Winlogon_129b227e-57cd-400b-b370-4ef3d08f9627
343 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_RunMRU_524957bc-0c7e-490c-a8cf-f6bce2e1e1b5
342 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_FirstFolder_a640410c-d053-4966-ace5-36bc4b977c9a
342 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/README.md
339 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcAllRunningAuto.ps1
332 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_UsrClass_BagMRU_237fdb41-7713-485d-94ab-f07f4c157356
332 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Memory Management_15dc67bb-bf95-46ef-87db-e4e34e387125
331 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-SmbShare.ps1
330 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT30/README.md
325 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_FileSystem_b20a0736-0d62-4a26-9539-a53ded5f152b
321 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_User MRU_6bbf4038-b3c6-4ba5-a4e1-d04d3166e675
321 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Devices_121a3617-c512-4b5f-a770-11b1cdb19983
321 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_Compression_d0e9ff87-f6be-47ec-888d-164cb58f19f3
320 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_MUICache_a51a8919-ffdd-4135-91fa-affac7f65bb5
319 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Environment_7044cf87-168f-4588-bae0-426632d08330
319 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-WMIFltConBind.ps1
318 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Storage_System_USBSTOR_3d1bc4ba-8eb2-4ec7-a4be-e6792505f999
318 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_RDP-Tcp_6e9f18d0-7173-424c-b695-e8c2894ee110
317 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_RecentDocs_51af122a-734f-4b9b-8138-4633f67e0cad
317 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_Map Network Drive MRU_df6ed689-944a-46b1-a806-f5f78830429a
315 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/FIN4/README.md
314 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_Shell Folders_feec11a9-1482-4629-a083-0caf2df99873
313 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_Software_StartMenuInternet_dc7c443e-51be-41c6-bd71-851c9d108ad6
312 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_Software_command_0054aabe-ed43-4485-b3ce-bc6490cfe81e
312 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Windows Portable Devices_39661eda-1373-493a-b333-583c51c9e74b
310 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Network_System_{4d36e972-e325-11ce-bfc1-08002be10318}_54796294-d279-4552-bda5-fe672b4ea675
309 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_ComDlg32_44d580cf-ef19-4749-b833-f787ac1b0220
308 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_{53f56307-b6bf-11d0-94f2-00a0c91efb8b}_18c3eafb-034d-49b6-9558-45b92416bf33
307 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_User MRU_41e2c5c4-4da2-4b96-99ae-a4fb532f93d4
306 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_EventLog_e99f1b87-9f35-4876-a5c5-3c99b92e4bfd
305 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Web browsing_NtUser_TypedURLs_24aec1e0-f92a-49db-8ec0-8443a7bbd130
305 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Network_Software_NetworkCards_3cfa462c-31d1-4ad6-8b47-98f281c50728
305 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_NtUser_CD Burning_0f0005c8-7a16-4223-8a73-87dc0d307849
305 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_User MRU_83fcbc4b-a0d4-40d2-b414-91ffa96d778c
303 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Software_Software_Products_c6b061c4-df1d-477f-bcde-4846ec328c31
292 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_NtUser_Default_617e9fc6-565a-4986-a3fa-7e517fcbf6a3
292 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_NtUser_Internet Settings_57563b19-0d7b-4f61-a76a-5ec5dfecb7c4
291 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Services_9a4c3785-ec1c-4248-8b0a-cc32a3578d67
290 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_FileHistory_2895d67d-8601-45df-9758-f72958482822
288 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Software_Software_Internet Explorer_140f36ce-6571-4966-b6e4-641c30a9b9b1
284 Bytes
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/Issues.BatchResults.xml
284 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_SafeBoot_1da3ee50-90bf-49ed-9aa6-b97ba9948eee
282 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_ComputerName_f5259882-9906-413f-b845-b2bbca09ffeb
279 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT18/README.md
277 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User general_NtUser_WordWheelQuery_89ca3fef-d045-4ff2-8891-4c61cf6c30ea
276 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Network_Software_LastConnect_1516cac4-ff62-4d2e-a9f5-a20815853b3e
276 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_Sysinternals_a801be22-7473-4c4c-9a57-9dbc90bcbf7c
275 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_CurrentVersion_0a017e3d-c0fe-40c9-84fb-8bcd45c96a7e
274 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_NtUser_PrinterPorts_fe1bbde9-e2bc-4764-9948-3c3b8d8c2112
270 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Software_Software_Products_a3ce0f6a-434d-4c2d-ba8f-16ce24209fe4
270 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Autoruns_Software_Run_b747b395-acee-4576-9b52-a89349b8d831
262 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Storage_System_MountedDevices_0d010e87-8b14-4ce1-b084-e99b5ab9748c
261 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Autoruns_NtUser_Run_2ec3d165-3d58-417e-bf86-d30652b7b53a
261 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-Products.ps1
258 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_NtUser_CurrentVersion_b8239cb1-3e84-41ae-a156-ebabfadea7d1
255 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Communication_NtUser_UnreadMail_d6d419d3-bc7c-4e6c-b73d-e1235c3a2943
253 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-SmbSession.ps1
251 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Sam_Users_58f6066e-53f0-43a7-823c-5679da0e4cd9
251 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_NtUser_CurrentVersion_9fef0ee2-99c9-4131-bd77-3f28fad9f8c7
250 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_System_Shares_7794e865-4630-4703-ac0f-76e650314b01
249 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_NtUser_FTP_013baa05-0d47-4db7-9dbd-d4cb6231dc90
248 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Windows_29e05135-bc83-4332-a11b-ea3c357e4de5
241 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_VSS_7afab042-09fb-4f0f-ae3e-b3c58c93f83c
240 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_7-Zip_af7dfd06-6a98-4c8b-a795-bfb9f5ae407d
233 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User general_NtUser_CCleaner_ec48ddd3-4f09-4431-b388-7f5d18eaab43
228 Bytes
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/LibreOffice-Howto-Supertimeline-Formatting.txt
227 Bytes
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/LibreOffice-Howto-Supertimeline-Formatting.txt
227 Bytes
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/LibreOffice-Howto-Supertimeline-Formatting.txt
227 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Communication_NtUser_TeamViewer_d32c0647-339c-4d4f-8282-daf26b927699
225 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_NtUser_Ares_fe9bac6b-b1fd-4710-8579-80b31f4fe288
224 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Settings/Categories
221 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_USB_d9ecec7b-e4c6-4c8d-9f65-2b971efbb4c4
221 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/README.md
218 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_NtUser_TeamViewer_6aa0d3cd-9926-4f23-bf9b-f675636944f0
217 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_WinRAR_204cf564-85f5-42b9-983f-d94a970e7374
211 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Autoruns_UsrClass_VirtualStore_bac80d4f-92ed-41a6-bb70-9749bf17736e
211 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-NetIPInterfaces.ps1
177 Bytes
FOR508-USB/documents/~$Threat-Hunting-Links.xlsx
165 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-NetRoutes.ps1
154 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/.gitignore
120 Bytes
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/whitelist.txt
99 Bytes
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/whitelist.txt
99 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/.gitignore
89 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/.gitignore
50 Bytes
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/whitelist.txt
50 Bytes
vm-pass.txt
23 Bytes
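Notes
This site does not store any resource content. It only collects BT torrent metadata (such as file names and file sizes) and magnet links (BT torrent identifiers) and provides a search service; it is a fully legal search engine system. The site does not provide torrent downloads; users can obtain the relevant torrent resources through third-party links or magnet links. This site is also not responsible for the authenticity or legality of BT torrents; users should exercise their own judgment.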