SANS FOR508 2016
Magnet link / BT torrent name: SANS FOR508 2016
Magnet link / BT torrent details
Torrent hash: ef9ee1ce583e8049e7960aa6d68f43d9960ace52
File size: 91.79G
Downloads: 120
Download speed: very fast
Indexed on: 2022-04-30
Last downloaded: 2025-01-29
File list
FOR508-USB/SIFT-Lab-Install/SIFT/SIFT 3 - FOR508.zip
18.5 GB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-c-drive/win2008R2-controller-c-drive.E01
14.4 GB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-c-drive/win7-64-nfury-c-drive.E01
12.0 GB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/win7-32-nromanoff-c-drive.E01
9.7 GB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/win7-32-nromanoff-c-drive.E01
9.7 GB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/xp-tdungan-c-drive.E01
7.0 GB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-memory/win2008R2-controller-memory-raw.001
2.7 GB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-memory/xp-tdungan-memory-raw.001
2.1 GB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-memory/win7-64-nfury-memory-raw.001
2.1 GB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/win7-32-nromanoff-memory-raw.001
2.1 GB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/win7-32-nromanoff-memory-raw.001
2.1 GB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-memory/baseline-memory/XPSP3x86-baseline.img
2.1 GB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/baseline-memory/Win7SP1x86-baseline.img
2.1 GB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/baseline-memory/Win7SP1x86-baseline.img
2.1 GB
FOR508-USB/example-memory-images/xp_tdungan_live_audit.mans
715.0 MB
FOR508-USB/SIFT-Lab-Install/VMware/VMware-workstation-full-10.0.4-2249910.exe
515.0 MB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-memory/win2008DC-Memory.mans
454.8 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32processes-memory.60040847.xml
423.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/bulk-extractor/bulk-extractor-output.zip
315.2 MB
FOR508-USB/example-memory-images/storm_worm.mans
295.3 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32apifiles.111f277c.xml
263.6 MB
FOR508-USB/example-memory-images/nromanoff.mans
244.3 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/nromanoff.mans
244.3 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/nromanoff.mans
244.3 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/FOR408-Tools.zip
242.9 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/dotnetfx35_FULL.exe
242.7 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32registryapi.727d315d.xml
241.0 MB
FOR508-USB/SIFT-Lab-Install/DATA-FOR-FINAL-DAY.zip
223.8 MB
FOR508-USB/example-memory-images/sobig.zip
177.4 MB
FOR508-USB/example-memory-images/stuxnet.zip
175.9 MB
FOR508-USB/example-memory-images/APT.zip
174.8 MB
508.3-4.1.pdf
155.9 MB
508.2.1.pdf
135.0 MB
508.workbook.3.pdf
134.5 MB
508.3-4.2.pdf
133.4 MB
FOR508-USB/example-memory-images/conficker.zip
128.0 MB
508.1.pdf
115.3 MB
508.5.1.pdf
113.3 MB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-memory/win7-nfury-memory.mans
108.7 MB
508.workbook.2.pdf
106.6 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/xp-tdungan-plaso.dump
100.7 MB
FOR508-USB/SIFT-Lab-Install/VMware/VMware-player-6.0.3-1895310.exe
98.9 MB
508.5.2.pdf
98.2 MB
FOR508-USB/example-memory-images/xp_tdungan.mans
93.8 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-memory/xp_tdungan.mans
93.8 MB
FOR508-USB/example-memory-images/TDSS.zip
93.3 MB
508.workbook.1.pdf
91.7 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/xp_tdungan.mans
91.3 MB
FOR508-USB/example-memory-images/storm_worm.zip
74.0 MB
508.2.2.pdf
73.6 MB
FOR508-USB/example-memory-images/APT.mans
73.5 MB
FOR508-USB/example-memory-images/stuxnet.mans
71.8 MB
FOR508-USB/SIFT-Lab-Install/Redline/Redline-1.14.msi
70.2 MB
FOR508-USB/SIFT-Lab-Install/Redline/DOTNET/dotNetFx4.5_Full.exe
70.0 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/dotNetFx4.5_Full.exe
70.0 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/DOTNET/dotNetFx4.5_Full.exe
70.0 MB
FOR508-USB/SIFT-Lab-Install/Redline/Redline-Older-Versions/Redline-1.12.msi
69.5 MB
FOR508-USB/SIFT-Lab-Install/Redline/Redline-Older-Versions/Redline-1.13.msi
68.2 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/plaso.dump
64.9 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/win7-32-nromanoff-plaso.dump
64.9 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/plaso.dump
64.9 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/win7-32-nromanoff-plaso.dump
64.9 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32systemrestore.05361a50.xml
59.6 MB
FOR508-USB/SIFT-Lab-Install/Redline/m-whitelist-1.0.txt
57.3 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/m-whitelist-1.0.txt
57.3 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/m-whitelist-1.0.txt
57.3 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/m-whitelist-1.0.txt
57.3 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/win7-32-nromanoff-bodyfile
54.8 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/win7-32-nromanoff-bodyfile
54.8 MB
FOR508-USB/example-memory-images/sobig.mans
53.9 MB
FOR508-USB/SIFT-Lab-Install/Redline/DOTNET/dotNetFx40_Full_x86_x64.exe
50.4 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/dotNetFx40_Full_x86_x64.exe
50.4 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/DOTNET/DOTNET/dotNetFx40_Full_x86_x64.exe
50.4 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/plaso.csv
42.6 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/plaso.csv
42.6 MB
FOR508-USB/example-memory-images/zeus.zip
42.4 MB
FOR508-USB/example-memory-images/black_energy.zip
41.7 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/RegistryExplorer.exe
40.7 MB
FOR508-USB/example-memory-images/zeus.mans
39.8 MB
FOR508-USB/example-memory-images/black_energy.mans
37.8 MB
FOR508-USB/example-memory-images/conficker.mans
35.6 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/plaso.csv
32.5 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/supertimeline.csv
31.5 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/supertimeline.csv
31.5 MB
FOR508-USB/example-memory-images/TDSS.mans
29.5 MB
FOR508-USB/SIFT-Lab-Install/Timeline Explorer/TimelineExplorer.exe
28.4 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/timeline.csv
26.1 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/volume-shadow/vss-supertimeline.xlsx
23.7 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/volume-shadow/vss-supertimeline.xlsx
23.7 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32scripting-persistence.35320a21.xml
19.5 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32eventlogs.617a4e0f.xml
17.8 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/ANJPv3.11.07_FE.exe
17.7 MB
FOR508-USB/SIFT-Lab-Install/F-Response-Enterprise/F-ResponseEnterprise.exe
16.1 MB
FOR508-USB-B/win7-64-nfury-10.3.58.6/NFURY-FINAL-TIMELINE.xlsx
12.9 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/sleuthkit-4.3.0-win32.zip
12.3 MB
FOR508-USB/documents/Windows 10 Security Auditing and Monitoring Reference.docx
9.9 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/XP-TDUNGAN-TIMELINE-FINAL.xlsx
9.6 MB
FOR508-USB/SIFT-Lab-Install/Redline/User-Guide-redline.pdf
9.1 MB
FOR508-USB/SIFT-Lab-Install/Redline/Redline-Older-Versions/Redline1.13_UserGuide.pdf
7.8 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/WIN7-NROMANOFF-TIMELINE-FINAL.xlsx
7.1 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/WIN7-NROMANOFF-TIMELINE-FINAL.xlsx
7.1 MB
FOR508-USB/documents/Threat Intelligence Reports/2013-Mandiant_APT1_Report.pdf
6.8 MB
FOR508-USB/documents/Threat Intelligence Reports/Mandiant_APT1_Report.pdf
6.8 MB
FOR508-USB/documents/Threat Intelligence Reports/rpt-poison-ivy.pdf
6.1 MB
FOR508-USB/documents/Linux-and -VMware-How-To.pdf
5.7 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/XP-TDUNGAN-TIMELINE-FINAL.xlsx
5.6 MB
FOR508-USB/SIFT-Lab-Install/Event Log Explorer/elex_setup.exe
5.0 MB
FOR508-USB/documents/Threat Intelligence Reports/CyberIntrusionCasebook.pdf
4.9 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/RegistryExplorerManual.pdf
4.7 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Emailtime 2013-04-09.zip
4.5 MB
FOR508-USB/documents/Threat Intelligence Reports/2015-Equation_group_questions_and_answers.pdf
4.2 MB
FOR508-USB/documents/Evidence-Of-Poster.pdf
3.9 MB
FOR508-USB/documents/SANS-DFIR-CATALOG.pdf
3.7 MB
FOR508-USB/documents/Threat Intelligence Reports/h12756-wp-shell-crew.pdf
3.6 MB
FOR508-USB/documents/Windows Artifacts Dissected by Mike Murr.pdf
3.6 MB
FOR508-USB/documents/Memory-Forensics-Poster.pdf
3.5 MB
FOR508-USB/documents/Threat Intelligence Reports/PlugX-DLL-Sideloading.pdf
3.4 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/nromanoff-mactime-timeline.csv
3.1 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/nromanoff-mactime-timeline.csv
3.1 MB
FOR508-USB/documents/Threat Intelligence Reports/CrowdStrike_Global_Threat_Report_2014.pdf
3.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.xlsx
3.0 MB
FOR508-USB/documents/Threat Intelligence Reports/CrowdStrike_Global_Threat_Report_2015.pdf
3.0 MB
FOR508-USB/documents/Threat Intelligence Reports/2014-Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf
2.9 MB
FOR508-USB/documents/Examining Shadows Volumes in a Raw Image.pdf
2.6 MB
FOR508-USB/documents/Threat Intelligence Reports/FireEye-APT-Handbook.pdf
2.5 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/fls.zip
2.4 MB
FOR508-USB/documents/Threat Intelligence Reports/M-TRENDS-2015.pdf
2.3 MB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Mandiant IOCe.msi
2.2 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/timeliner.body
2.1 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/timeliner.body
2.1 MB
FOR508-USB/documents/Threat Intelligence Reports/2015-NORSE_JIB_IRAN_011_JANUARY_27_2015.pdf
2.0 MB
FOR508-USB/documents/Poster_Find_Evil.pdf
1.9 MB
FOR508-USB/documents/Threat Intelligence Reports/fireeye-operation-saffron-rose.pdf
1.9 MB
poster_2014_find_evil.pdf
1.9 MB
FOR508-USB/documents/Threat Intelligence Reports/ICIT-Brief-Know-Your-Enemies-2.0.pdf
1.7 MB
FOR508-USB/documents/Threat Intelligence Reports/2015-Project2049-Stokes_PLA_General_Staff_Department_Unit_61398.pdf
1.6 MB
FOR508-USB/documents/Threat Intelligence Reports/2011-Project2049-PLA third department_sigint cyber stokes lin hsiao.pdf
1.5 MB
FOR508-USB/documents/Threat Intelligence Reports/wp-windows-management-instrumentation.pdf
1.5 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/LogParser.msi
1.5 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32drivers-signature.480a2813.xml
1.4 MB
FOR508-USB/SIFT-Lab-Install/7zip/7zip-64bit.msi
1.4 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Autoruns.zip
1.3 MB
FOR508-USB/documents/Additional Windows Logs Firewall and IIS Logs.pdf
1.3 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.zip
1.2 MB
FOR508-USB/documents/Cyber Threat Intelligence IOCs/apt1-stix-1.2.zip
1.2 MB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/nromanoff-mactime-timeline-final.csv
1.2 MB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/nromanoff-mactime-timeline-final.csv
1.2 MB
FOR508-USB/SIFT-Lab-Install/7zip/7zip-32bit.msi
1.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/hashes/WinXPSP3x86.txt
1.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/timeliner.body
1.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/volatility/timeliner.body
1.1 MB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/RECmd/RECmd.exe
1.1 MB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.cookiehistory.34173157.xml
906.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/PECmd.exe
871.4 kB
FOR508-USB/documents/Detecting-security-incidents-windows-workstation-event-logs.pdf
836.5 kB
FOR508-USB/documents/Windows Logging Cheat Sheet v1.1.pdf
780.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/autorunner.v0.0.9.zip
767.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32prefetch.4d2a5d1e.xml
715.2 kB
FOR508-USB/documents/Mounting Images for Analysis.pdf
705.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/AmcacheParser.exe
696.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.urlhistory.45562413.xml
689.3 kB
FOR508-USB/SIFT-Lab-Install/F-Response-Enterprise/fresponselm-accel-lin_5.0.3_amd64.deb
633.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/autorunsc.exe
629.4 kB
FOR508-USB/documents/Cyber Threat Intelligence IOCs/poison_ivy-stix-1.2.zip
627.9 kB
FOR508-USB/documents/Threat-Hunting-Links.xlsx
610.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/procdump.exe
591.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.xlsx
566.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.xlsx
566.3 kB
FOR508-USB/documents/rekall-memory-forensics-cheatsheet.pdf
565.3 kB
FOR508-USB/documents/Remediating-Intrusions.pdf
560.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/Handle.exe
536.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/PEid-Signatues/userdb.txt
490.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/PEid-Signatues/userdb.txt
490.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/PEid-Signatues/userdb.txt
490.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/fls.exe
489.0 kB
FOR508-USB/documents/FAT Filesystem.pdf
426.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Procdump.zip
411.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/volatility/zeus-apihooks.txt
383.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/volatility/zeus-apihooks.txt
383.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/volatility/zeus-apihooks.txt
383.0 kB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-incident-response/autoruns-win7-64-nfury.csv
374.5 kB
FOR508-USB/documents/Mount using iSCSI Reusable Connection.pdf
370.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/sigcheck.exe
369.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/openioc1-0.zip
339.7 kB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-incident-response/autoruns-controller.csv
322.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-incident-response/autoruns-win7-32-nromanoff.csv
311.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-incident-response/autoruns-win7-32-nromanoff.csv
311.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/ZoomIt.zip
303.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32services.2b217c3a.xml
298.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/prefetch_hashes_lookup.zip
293.7 kB
FOR508-USB/documents/Threat Intelligence Reports/Dissecting the Tactics & Techniques of an Adversary.pdf
288.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32kernel-hookdetection.1b6f5266.xml
266.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8dd23e0a-a659-45b4-a168-67e4b00944fb.ioc
258.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.zip
243.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/TIMELINE_COLOR_TEMPLATE.zip
243.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/autoruns-xp-tdungan.csv
232.7 kB
FOR508-USB/documents/Cyber Threat Intelligence IOCs/APT1 - IOCS.zip
209.2 kB
FOR508-USB/documents/Windows 7 and Windows Server 2008 R2 Security Event Descriptions.xls
207.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master.zip
158.8 kB
FOR508-USB/documents/SIFT WORKSTATION CHEAT SHEET 3.1.pdf
137.9 kB
FOR508-USB/documents/For508_HANDOUT_MemFor_v1_3.pdf
112.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/BatchResults.xml
104.7 kB
FOR508-USB/VERSION-FOR508-17-2A.txt
95.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/SDelete.zip
82.7 kB
FOR508-USB/documents/Threat Intelligence Reports/2006-iDefense-NCPH Hacking Team and Word 0-days.pdf
76.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/SkyipotWyksol-Trojan.ioc
75.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT30/eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc
70.9 kB
FOR508-USB/documents/Forensic Log Parsing with Microsoft's LogParser.pdf
69.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Operation-Troy.ioc
69.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc
60.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/baa24c6a-a223-4919-b3e5-08c4809e434d.ioc
60.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/12a40bf7-4834-49b0-a419-6abb5fe2b291.ioc
60.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_ce405547a0e213f1c53b55f05e5592617297df37_operation windigo.ioc
59.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/timestomp.exe
57.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32drivers-modulelist.2448051b.xml
52.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/kansa.ps1
49.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/NetTraveler.ioc
48.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-MasterFileTable.ps1
46.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.LastVisitedPidlMRU.dll
43.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.OpenSavePidlMRU.dll
43.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a1f02cbe-7d37-4ff8-bad7-c5f9f7ea63a3.ioc
42.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Resolve-WindowsGUID.ps1
42.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Flamer-Framework.ioc
40.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Operation-Red-October.ioc
40.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/70b5be0c-8a94-44b4-97a4-1e95b09498a8.ioc
36.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c71b3305-85e5-4d51-b07c-ff227181fb5a.ioc
35.4 kB
FOR508-USB-B/VERSION-FOR508-17-2B.TXT
33.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Timestomp-GUI.exe
33.3 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d1c65316-cddd-4d9c-8efe-c539aa5965c0.ioc
31.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8695bb5e-29cd-41b9-b8b1-a0d20a6b960d.ioc
31.1 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/fabdf553-b3ed-4bc9-9ac6-13d6bd174dad.ioc
30.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.formhistory.2446280a.xml
29.9 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d5e49501-c30d-41ae-b381-c3c473040c39.ioc
29.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/de99badf-b448-49e7-885a-4d8688ddf02d.ioc
29.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_08441c5d5f339359e526d6705465c30777092bda_xtreme rat.ioc
25.9 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c32b8af3-28d0-47d3-801f-a2c2b0129650.ioc
25.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/de99badf-b448-49e7-885a-4d8688ddf02d.ioc
24.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/eb91abad-afe0-4bd6-80f2-850d14a99308.ioc
23.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Icefrog-APT.ioc
23.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Gh0st-RAT.ioc
22.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/e928aac0-9f71-4adf-9978-4177345ec610.ioc
22.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/806beff3-7395-492e-be63-99a6b4a550b8.ioc
21.9 kB
FOR508-USB/SIFT-Lab-Install/Timeline Explorer/superTimeline.layout
20.9 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7f9a6986-f00a-4071-99d3-484c9158beba.ioc
20.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/547e4128-9dff-45d9-b90f-081ce3966dee.ioc
20.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7c739d52-c669-4d51-ac15-8ae66305e232.ioc
19.3 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2106f0d2-a260-4277-90ab-edd3455e31fa.ioc
19.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/6037663c-680c-4a28-ad58-40622d206e1d.ioc
19.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-LogUserAssist.ps1
17.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/86f988b7-fa02-46df-8e19-e50ce37f0fed.ioc
17.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d8240090-affd-466e-a39c-64add5b98813.ioc
16.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/AppCompatCache/AppCompatCache.dll
16.4 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/86e9b8ec-7413-453b-a932-b5fb95a8dba6.ioc
16.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Ramnit.ioc
16.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_cdf7e4a7735d2505bd5c75ca5c23b50f57664ec2_ramnit rootkit.ioc
16.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/6037663c-680c-4a28-ad58-40622d206e1d.ioc
16.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/e1cbf7ca-4938-4d3c-a7e6-3ff966516191.ioc
13.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/ad521068-6f18-4ab1-899c-11007a18ec73.ioc
12.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.RecentDocs.dll
12.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d4f103f8-c372-49d1-b9f4-e127d61d0639.ioc
12.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/4fdb0f45-8151-4941-a9e1-a31e21000659.ioc
11.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a461f381-8612-4ce1-a0dc-68bcaca028d0.ioc
11.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/LICENSE
11.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/LICENSE
11.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.SAM.dll
11.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.Ares.dll
11.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32ports.715a275c.xml
11.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/6bb9ce5b-94c1-4733-8bb8-dc5be775b190.ioc
11.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/e1cbf7ca-4938-4d3c-a7e6-3ff966516191.ioc
10.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-FilesByHashes.ps1
10.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_4610c2e6f08fa7f2a29d219e8b3fdcaa5279168e_deep panda chinese apt.ioc
10.4 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/26213db6-9d3b-4a39-abeb-73656acb913e.ioc
10.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-FileHashes.ps1
10.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.TimeZoneInformation.dll
10.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_13e5d0358dcecb0fc1fbb8b236990c0ae9572ec3_webc2-qbp (family).ioc
10.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/6091c4ce-6d73-4202-a7a8-b52406fa4d77.ioc
10.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32hivelist.3a064c04.xml
10.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Disabled-Sysadmin-Tools.ioc
10.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-FilesByHash.ps1
10.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-FileHashes.ps1
9.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT3/db0b6ac6-874a-498e-892b-ac7c2020e061.ioc
9.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.FileExts.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.LastVisitedMRU.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.FirstFolder.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.OpenSaveMRU.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/AppCompatCache/RegistryPlugin.AppCompatCache.dll
9.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Get-LogparserStack.ps1
9.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/4fdb0f45-8151-4941-a9e1-a31e21000659.ioc
9.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.OfficeMRU.dll
9.2 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/a486d837-9f05-4360-908e-b4244c24723d.ioc
9.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/6bb9ce5b-94c1-4733-8bb8-dc5be775b190.ioc
9.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/9a7a6929-25ea-4254-a300-13fd6b39c490.ioc
9.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT12/2384c8ce-6eca-4d06-8aa4-151b53d9a6bc.ioc
8.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/4d1ced5f-fe47-4ba4-be0e-81d547f3aa8a.ioc
8.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.CIDSizeMRU.dll
8.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.RunMRU.dll
8.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.UserAssist.dll
8.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/3433dad8-879e-40d9-98b3-92ddc75f0dcd.ioc
8.4 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/56468547-6cf5-4c66-af56-2543d4271482.ioc
8.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Plugins/RegistryPlugin.7-ZipHistory.dll
8.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT17/7b9e87c5-b619-4a13-b862-0145614d359a.ioc
8.1 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2fc55747-6822-41d2-bcc1-387fc1b2e67b.ioc
8.1 kB
FOR508-USB/SIFT-Lab-Install/Timeline Explorer/macTimeline.layout
7.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/db0b6ac6-874a-498e-892b-ac7c2020e061.ioc
7.9 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/6bd24113-2922-4d25-b490-f727f47ba948.ioc
7.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/5a8d6878-2649-4ddc-a1f6-c98932a54f91.ioc
7.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/32b168e6-dbd6-4d56-ba2f-734553239efe.ioc
7.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/ZeroAccessSiref.P.ioc
7.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/af5f65fc-e1ca-45db-88b1-6ccb7191ee6a.ioc
7.3 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/ece1846e-98d3-4ddc-a520-0dcda4866989.ioc
7.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/9a7a6929-25ea-4254-a300-13fd6b39c490.ioc
7.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/2384c8ce-6eca-4d06-8aa4-151b53d9a6bc.ioc
6.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/4a2c5f60-f4c0-4844-ba1f-a14dac9fa36c.ioc
6.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/9c9368cd-3a1f-4200-b093-adb97d5f1f5d.ioc
6.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32tasks.00414040.xml
6.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-AutorunscDeep.ps1
6.6 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_eb666b9fdb964500f9a67f45935c8ccee3d99a3a_duqu kaspersky.ioc
6.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/84f04df2-25cd-4f59-a920-448d8843b6fc.ioc
6.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/7b9e87c5-b619-4a13-b862-0145614d359a.ioc
6.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/wmic_lr_remote.cmd
6.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_4f8622cf3eaa9056fb5fc841b5e1297329b944ee_kronos banking trojan.ioc
6.1 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/0c7c902c-67f8-479c-9f44-4d985106365a.ioc
6.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/5a8d6878-2649-4ddc-a1f6-c98932a54f91.ioc
6.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32useraccounts.263b7301.xml
6.0 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/7d2eaadf-a5ff-4199-996e-af6258874dad.ioc
6.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/113e561e-60d2-48db-979d-02f207550125.ioc
5.8 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/5477b392-e565-45c5-9cb4-f561d6daeddc.ioc
5.7 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/c7fa2ea5-36d5-4a52-a6cf-ddc2257cb6f9.ioc
5.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/wmic_lr.zip
5.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/wmic_lr_local.cmd
5.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/2bff223f-9e46-47a7-ac35-d35f8138a4c7.ioc
5.5 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/d14d5f09-9050-4769-b00d-30fce9e6eb85.ioc
5.4 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/fdfb2c22-d0c4-4bf0-8ea4-27d8d51f98ea.ioc
5.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/volatility/xp-tdungan-apihooks.txt
5.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Deserialize-KansaField.ps1
5.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/0ff58bf9-1c07-42f6-b135-b18c139f631a.ioc
5.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/b513e829-b023-426a-b7d4-accd511be3c0.ioc
5.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/FIN4/fb0699e2-23a6-40f9-bf96-4514d629eec3.ioc
5.0 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/8900aa6b-883d-48d3-a07d-d49b0429dd2b.ioc
4.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-DNSCache.ps1
4.6 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/61695156-298c-4d77-ad7f-48feb562fb75.ioc
4.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/113e561e-60d2-48db-979d-02f207550125.ioc
4.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/548cfc54-42b9-48c6-a753-02e74246699b.ioc
4.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/e598231d-8584-4535-a0de-94e822f04c0b.ioc
4.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/default-template.ps1
4.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/disk/Get-WebrootListingEntropyOutliers.ps1
4.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/Batchwiper.ioc
4.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-PSProfiles.ps1
4.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-Netstat.ps1
4.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/filter_windows.txt
4.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/filter_windows.txt
4.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/filter_windows.txt
4.0 kB
FOR508-USB/SIFT-Lab-Install/Redline/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/redline/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/redline/APT1 - IOCS/3e01b786-fe3a-4228-95fa-c3986e2353d6.ioc
4.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/b513e829-b023-426a-b7d4-accd511be3c0.ioc
3.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/fb0699e2-23a6-40f9-bf96-4514d629eec3.ioc
3.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-IOCsByPath.ps1
3.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/0ff58bf9-1c07-42f6-b135-b18c139f631a.ioc
3.7 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32network-route.33247828.xml
3.7 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT3/62f65dae-9475-44b0-a9eb-c1baebbd9885.ioc
3.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-WebrootListing.ps1
3.5 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/68505678-f820-48c5-9d13-fa0b3b8be190.ioc
3.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/README.md
3.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/GeorBot.ioc
3.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-WMIRecentApps.ps1
3.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/WMIC-README.txt
3.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-RdpConnectionLogs.ps1
3.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-SvcTrigs.ps1
3.3 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/e598231d-8584-4535-a0de-94e822f04c0b.ioc
3.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/MSLimitedPublicLicense.txt
3.2 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/60a6de64-7308-4af1-9003-dc23a73fdf01.ioc
3.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT18/0ae061d7-c624-4a84-8adf-00281b97797b.ioc
3.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/bdf7929c-3f0b-4fdd-bcc5-b4a82554ad92.ioc
3.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-File.ps1
2.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-ProcsNModules.ps1
2.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-ProcDump.ps1
2.9 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Modules.conf
2.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/a438caeb-96dd-4225-853c-fc5910980961.ioc
2.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/0b879284-0c37-4bfa-9dd8-34505a9c5175.ioc
2.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-Handle.ps1
2.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-ProcsWMI.ps1
2.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/config/Get-AMHealthStatusStack.ps1
2.6 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/windows-tags.txt
2.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-GPResult.ps1
2.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/a6c6dbf0-d72a-4f07-8b11-55527aef4755.ioc
2.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/contributing.md
2.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32network-dns.64125a55.xml
2.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-SvcFail.ps1
2.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-SharePermissions.ps1
2.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/60a6de64-7308-4af1-9003-dc23a73fdf01.ioc
2.1 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32system.09214d4d.xml
2.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/0ae061d7-c624-4a84-8adf-00281b97797b.ioc
2.1 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/bdf7929c-3f0b-4fdd-bcc5-b4a82554ad92.ioc
2.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/IOC/Get-Loki.ps1
2.0 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/README.MD
1.9 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_031920b99a51bae014d6f882c48fa594ccf99d61_apt 28 russia cyber espionage oldbait.ioc
1.9 kB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-c-drive/win2008R2-controller-c-drive.E01.txt
1.9 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32disks.2427162a.xml
1.9 kB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-c-drive/win7-64-nfury-c-drive.E01.txt
1.8 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/xp-tdungan-c-drive.E01.txt
1.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-SigCheckRandomPath.ps1
1.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-Autorunsc.ps1
1.8 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Analysis.conf
1.8 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/0b879284-0c37-4bfa-9dd8-34505a9c5175.ioc
1.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatForeign16sStack.ps1
1.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatByProtoForeignIpStateComponentProcessStack.ps1
1.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-FlsBodyfile.ps1
1.7 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatForeign24sStack.ps1
1.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatStack.ps1
1.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatForeignIpPortProcesStack.ps1
1.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/meta/Get-FileLengths.ps1
1.6 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-OfficeMRU.ps1
1.6 kB
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/win7-32-nromanoff-memory-raw.txt
1.5 kB
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-memory/win7-32-nromanoff-memory-raw.txt
1.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatForeignIpProcess.ps1
1.5 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/config/Get-AMInfectionStatus.ps1
1.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32network-arp.1c4d1932.xml
1.4 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/mir.w32volumes.6a174b23.xml
1.4 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-ClrVersion.ps1
1.4 kB
FOR508-USB-B/win2008R2-controller-10.3.58.4/win2008R2-controller-memory/win2008R2-controller-memory-raw.001.txt
1.4 kB
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/a6c6dbf0-d72a-4f07-8b11-55527aef4755.ioc
1.3 kB
FOR508-USB-B/win7-64-nfury-10.3.58.6/win7-64-nfury-memory/win7-64-nfury-memory-raw.001.txt
1.3 kB
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-memory/xp-tdungan-memory-raw.txt
1.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-WMIIETelemetry.ps1
1.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/ToDo
1.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-RekalPslist.ps1
1.3 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcAllStack.ps1
1.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-PrefetchFiles.ps1
1.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-Arp.ps1
1.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringMD5UnsignedTimeStack.ps1
1.2 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcFailStack.ps1
1.1 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringMD5UnsignedStack.ps1
1.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMITempExePath.ps1
1.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-PSDotNetVersion.ps1
1.0 kB
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatListenerStack.ps1
985 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/HTTPPUMP.txt
981 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringUnsignedStack.ps1
945 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcFailAllStack.ps1
944 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringPublisherStack.ps1
928 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcStartNameStack.ps1
904 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringStack.ps1
876 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-ASEPImagePathLaunchStringMD5Stack.ps1
865 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-IIS.ps1
862 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcTrigStack.ps1
839 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/RECmd/NLog.config
837 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatDistinctLocal16IPv4.ps1
835 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-PrefetchListing.ps1
813 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-NetstatDistinctLocal24.ps1
794 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcFailCmdLineStack.ps1
791 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-LogWinEvent.ps1
777 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/log/Get-LogUserAssistValueByDate.ps1
775 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/FIN4/MACROCHECK.yara
761 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-PrefetchListingLastWriteTime.ps1
761 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Terminal Server_bc0da746-e8c5-465a-a70f-2779e7c914de
755 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMISortByCreationDate.ps1
735 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-LogOpenSavePidlMRU.ps1
731 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/BlogPosts/operation_poisoned_handover.yara
728 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-PrefetchListingStack.ps1
721 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/log/Get-LogUserAssistValueStack.ps1
715 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMICLIMD5Stack.ps1
715 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Image File Execution Options_59ddbb92-609a-44e8-9bb7-e1f5b797e397
710 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-AMInfectionStatus.ps1
696 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-HandleProcessOwnerStack.ps1
692 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-ARPStack.ps1
685 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/config/Get-LocalAdminStack.ps1
674 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMIProcessNameStack.ps1
636 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/Net/Get-DNSCacheStack.ps1
634 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMICmdlineStack.ps1
632 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-Tasklistv.ps1
613 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProcsWMIPath.ps1
608 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-AMHealthStatus.ps1
602 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/meta/Get-AllFileLengths.ps1
599 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-WMIEvtFilter.ps1
589 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-Hotfix.ps1
574 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-ImagePathExecutionOptions.ps1
573 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT3/README.md
563 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Windows_d73fc227-8ea3-45e8-ac69-041a06a6c629
562 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Process/Get-Prox.ps1
531 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-DiskUsage.ps1
516 Bytes
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/mbr/mbr.001
512 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-Sigcheck.ps1
496 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-WMIEvtConsumer.ps1
495 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Disk/Get-TempDirListing.ps1
489 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_TimeZoneInformation_e16fbaa9-172c-4501-a55d-0cb4adb02cac
483 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-CertStore.ps1
480 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Storage_System_{10497b1b-ba51-44e5-8318-a65c837b6661}_9fe29ea5-44f1-4d92-82a0-d6b1fb84ee34
475 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Log/Get-LogCBS.ps1
464 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_CrashControl_a4d38e6e-fa6e-4ceb-8a1f-b7b2f25bf573
447 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_EMDMgmt_5c905164-7055-4422-a141-f8539d5ef4fe
426 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/process/Get-ProxSystemStartTime.ps1
411 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_System_AppCompatCache_f1adf410-8700-4a83-bc2e-f53cededc03d
411 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_{6bdd1fc6-810f-11d0-bec7-08002be2092f}_80aafc9b-f28d-41a8-929c-6c016c4b5bc0
404 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-LocalAdmins.ps1
401 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/iocbucket_dcda86771553fa54820b22099277599cb479f702_mattulm.yara
387 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_FilesNotToSnapshot_af3e091f-8598-43e1-9e19-39c1352a72ea
378 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_CurrentVersion_3d9483dc-d89c-423a-ae83-a57405d6a752
373 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_MountPoints2_28014255-7733-4398-a859-dd76642a19c7
363 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_PrefetchParameters_0f9651f6-3aa8-4bac-89aa-e57a73744ee2
362 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Channels_8ab43ae7-05ce-4c41-9c70-f77df5317e67
359 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT12/README.md
353 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Control Panel_7e993a1a-b5af-4247-8b34-6bbe13eb7f3c
352 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT17/README.md
350 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_UserAssist_660a4ade-592f-4c64-bd85-8241378d0839
350 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_FileExts_03427bd9-675f-4564-9d7b-058e797a7cb6
348 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-SvcAll.ps1
344 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_System_FirewallPolicy_6701136a-ccfb-476e-af28-d58543636ba4
343 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Winlogon_129b227e-57cd-400b-b370-4ef3d08f9627
343 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_RunMRU_524957bc-0c7e-490c-a8cf-f6bce2e1e1b5
342 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_FirstFolder_a640410c-d053-4966-ace5-36bc4b977c9a
342 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT28/README.md
339 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Analysis/asep/Get-SvcAllRunningAuto.ps1
332 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_UsrClass_BagMRU_237fdb41-7713-485d-94ab-f07f4c157356
332 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Memory Management_15dc67bb-bf95-46ef-87db-e4e34e387125
331 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-SmbShare.ps1
330 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT30/README.md
325 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_FileSystem_b20a0736-0d62-4a26-9539-a53ded5f152b
321 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_User MRU_6bbf4038-b3c6-4ba5-a4e1-d04d3166e675
321 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Devices_121a3617-c512-4b5f-a770-11b1cdb19983
321 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_Compression_d0e9ff87-f6be-47ec-888d-164cb58f19f3
320 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_MUICache_a51a8919-ffdd-4135-91fa-affac7f65bb5
319 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Environment_7044cf87-168f-4588-bae0-426632d08330
319 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/ASEP/Get-WMIFltConBind.ps1
318 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Storage_System_USBSTOR_3d1bc4ba-8eb2-4ec7-a4be-e6792505f999
318 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_RDP-Tcp_6e9f18d0-7173-424c-b695-e8c2894ee110
317 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_RecentDocs_51af122a-734f-4b9b-8138-4633f67e0cad
317 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_Map Network Drive MRU_df6ed689-944a-46b1-a806-f5f78830429a
315 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/FIN4/README.md
314 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_Shell Folders_feec11a9-1482-4629-a083-0caf2df99873
313 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_Software_StartMenuInternet_dc7c443e-51be-41c6-bd71-851c9d108ad6
312 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_Software_command_0054aabe-ed43-4485-b3ce-bc6490cfe81e
312 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_Windows Portable Devices_39661eda-1373-493a-b333-583c51c9e74b
310 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Network_System_{4d36e972-e325-11ce-bfc1-08002be10318}_54796294-d279-4552-bda5-fe672b4ea675
309 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_ComDlg32_44d580cf-ef19-4749-b833-f787ac1b0220
308 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_{53f56307-b6bf-11d0-94f2-00a0c91efb8b}_18c3eafb-034d-49b6-9558-45b92416bf33
307 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_User MRU_41e2c5c4-4da2-4b96-99ae-a4fb532f93d4
306 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_EventLog_e99f1b87-9f35-4876-a5c5-3c99b92e4bfd
305 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Web browsing_NtUser_TypedURLs_24aec1e0-f92a-49db-8ec0-8443a7bbd130
305 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Network_Software_NetworkCards_3cfa462c-31d1-4ad6-8b47-98f281c50728
305 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_NtUser_CD Burning_0f0005c8-7a16-4223-8a73-87dc0d307849
305 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_User MRU_83fcbc4b-a0d4-40d2-b414-91ffa96d778c
303 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Software_Software_Products_c6b061c4-df1d-477f-bcde-4846ec328c31
292 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_NtUser_Default_617e9fc6-565a-4986-a3fa-7e517fcbf6a3
292 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_NtUser_Internet Settings_57563b19-0d7b-4f61-a76a-5ec5dfecb7c4
291 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Services_9a4c3785-ec1c-4248-8b0a-cc32a3578d67
290 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_FileHistory_2895d67d-8601-45df-9758-f72958482822
288 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Software_Software_Internet Explorer_140f36ce-6571-4966-b6e4-641c30a9b9b1
284 Bytes
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-incident-response/xp-tdungan-Redline-Live-Audit/Issues.BatchResults.xml
284 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_SafeBoot_1da3ee50-90bf-49ed-9aa6-b97ba9948eee
282 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_ComputerName_f5259882-9906-413f-b845-b2bbca09ffeb
279 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/APT18/README.md
277 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User general_NtUser_WordWheelQuery_89ca3fef-d045-4ff2-8891-4c61cf6c30ea
276 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Network_Software_LastConnect_1516cac4-ff62-4d2e-a9f5-a20815853b3e
276 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Program execution_NtUser_Sysinternals_a801be22-7473-4c4c-9a57-9dbc90bcbf7c
275 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Software_CurrentVersion_0a017e3d-c0fe-40c9-84fb-8bcd45c96a7e
274 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_NtUser_PrinterPorts_fe1bbde9-e2bc-4764-9948-3c3b8d8c2112
270 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Software_Software_Products_a3ce0f6a-434d-4c2d-ba8f-16ce24209fe4
270 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Autoruns_Software_Run_b747b395-acee-4576-9b52-a89349b8d831
262 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Storage_System_MountedDevices_0d010e87-8b14-4ce1-b084-e99b5ab9748c
261 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Autoruns_NtUser_Run_2ec3d165-3d58-417e-bf86-d30652b7b53a
261 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Config/Get-Products.ps1
258 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_NtUser_CurrentVersion_b8239cb1-3e84-41ae-a156-ebabfadea7d1
255 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Communication_NtUser_UnreadMail_d6d419d3-bc7c-4e6c-b73d-e1235c3a2943
253 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-SmbSession.ps1
251 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_Sam_Users_58f6066e-53f0-43a7-823c-5679da0e4cd9
251 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User configuration_NtUser_CurrentVersion_9fef0ee2-99c9-4131-bd77-3f28fad9f8c7
250 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_System_Shares_7794e865-4630-4703-ac0f-76e650314b01
249 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_NtUser_FTP_013baa05-0d47-4db7-9dbd-d4cb6231dc90
248 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_Windows_29e05135-bc83-4332-a11b-ea3c357e4de5
241 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_VSS_7afab042-09fb-4f0f-ae3e-b3c58c93f83c
240 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_7-Zip_af7dfd06-6a98-4c8b-a795-bfb9f5ae407d
233 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User general_NtUser_CCleaner_ec48ddd3-4f09-4431-b388-7f5d18eaab43
228 Bytes
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/LibreOffice-Howto-Supertimeline-Formatting.txt
227 Bytes
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/LibreOffice-Howto-Supertimeline-Formatting.txt
227 Bytes
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/LibreOffice-Howto-Supertimeline-Formatting.txt
227 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Communication_NtUser_TeamViewer_d32c0647-339c-4d4f-8282-daf26b927699
225 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_NtUser_Ares_fe9bac6b-b1fd-4710-8579-80b31f4fe288
224 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Settings/Categories
221 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Operating system_System_USB_d9ecec7b-e4c6-4c8d-9f65-2b971efbb4c4
221 Bytes
FOR508-USB/SIFT-Lab-Install/IOC Editor/Additional IOCs/README.md
218 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User network_NtUser_TeamViewer_6aa0d3cd-9926-4f23-bf9b-f675636944f0
217 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/User files and folders_NtUser_WinRAR_204cf564-85f5-42b9-983f-d94a970e7374
211 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/RegistryExplorer_RECmd/Bookmarks/Common/Autoruns_UsrClass_VirtualStore_bac80d4f-92ed-41a6-bb70-9749bf17736e
211 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-NetIPInterfaces.ps1
177 Bytes
FOR508-USB/documents/~$Threat-Hunting-Links.xlsx
165 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/Net/Get-NetRoutes.ps1
154 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/bin/.gitignore
120 Bytes
FOR508-USB/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/whitelist.txt
99 Bytes
FOR508-USB-B/win7-32-nromanoff-10.3.58.5/win7-32-nromanoff-c-drive/precooked/timeline/whitelist.txt
99 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/.gitignore
89 Bytes
FOR508-USB/SIFT-Lab-Install/Windows Tools/Kansa-master/Modules/.gitignore
50 Bytes
FOR508-USB-B/xp-tdungan-10.3.58.7/xp-tdungan-c-drive/precooked/timeline/whitelist.txt
50 Bytes
vm-pass.txt
23 Bytes
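Notes
This site does not store any resource content. It only collects BT torrent metadata (such as file names and file sizes) and magnet links (BT torrent identifiers) and provides a query service, and is a completely legal search engine system. The site does not provide a torrent download service; users can obtain the relevant torrent resources through third-party links or magnet links. This site is also not responsible for the authenticity or legality of BT torrents; users should judge these for themselves!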