├── Cyber Security Frameworks
│   ├── Cyber Kill Chain.md
│   ├── Diamond Model.md
│   ├── MITRE.md
│   ├── The Pyramid Of Pain.md
│   └── Unified Kill Chain.md
├── Cyber Threat Intelligence (CTI)
│   └── Definition.md
├── Digital Forensics
│   ├── Cross-platform
│   │   ├── Browsers.md
│   │   ├── Cloud Forensics.md
│   │   ├── Database Forensics.md
│   │   ├── Email Forensics.md
│   │   └── Extensible Storage Engine (ESE).md
│   ├── Hypervisors
│   │   ├── Memory Files.md
│   │   ├── VMWare
│   │   │   ├── Artifacts.md
│   │   │   └── Memory Dump Creation.md
│   │   └── VirtualBox
│   │       ├── Artifacts.md
│   │       └── Memory Dump Creation.md
│   ├── Linux
│   │   ├── Artifacts
│   │   │   ├── Audit Trail.md
│   │   │   ├── Authentication Logs.md
│   │   │   ├── Evidence of Execution.md
│   │   │   ├── Group Information.md
│   │   │   ├── Login Information.md
│   │   │   ├── More Log Files.md
│   │   │   ├── Network Configuration.md
│   │   │   ├── OS Release.md
│   │   │   ├── Persistence Mechanisms.md
│   │   │   ├── Sudoers List.md
│   │   │   ├── System Configuration.md
│   │   │   └── User Accounts.md
│   │   ├── Commands.md
│   │   ├── Create a forensic image.md
│   │   ├── ELF_LOGFILE_HEADER.md
│   │   └── Tools
│   │       └── Rootkit Hunting.md
│   ├── Mobile
│   │   ├── Android Forensics.md
│   │   ├── Cellular Networks.md
│   │   ├── General.md
│   │   ├── IOS Forensics.md
│   │   └── SIM Cloning.md
│   ├── Theory
│   │   ├── Anti-Forensics Techniques.md
│   │   ├── Cold vs Live Forensics.md
│   │   ├── DFIR Process.md
│   │   ├── Data Acquisition Formats.md
│   │   ├── Data Acquisition Methods.md
│   │   ├── Forensic Evidence Collection.md
│   │   ├── Golden Rules of Forensics.md
│   │   ├── Imaging.md
│   │   └── Phases of Forensic Investigation.md
│   └── Windows
│       ├── Artifacts
│       │   ├── Evidence of Execution.md
│       │   ├── External Devices-USB Device Forensics.md
│       │   └── Windows Registry.md
│       ├── Commands.md
│       ├── NTFS
│       │   ├── Evidence of Execution.md
│       │   ├── Features.md
│       │   └── MFT Critical Files.md
│       └── Windows Restore Points.md
├── Email Security
│   ├── Email Authentication.md
│   ├── Email Flow.md
│   ├── Email Gateway Logs.md
│   ├── Email Header Analysis.md
│   ├── Email X-Headers.md
│   ├── Email log artifacts.md
│   └── Email sender domain and SMTP server investigation.md
├── Incident Response
│   ├── Frameworks.md
│   ├── Incident Response Lifecycle.md
│   └── Playbooks.md
├── LICENSE.md
├── Malware Analysis
│   ├── Stages.md
│   └── Windows API calls.md
├── README.md
├── Theory
│   ├── Rootkits.md
│   ├── SIEM Alerts.md
│   ├── SIEM.md
│   └── Threat Modelling.md
├── Threat Hunting
│   ├── Core Windows Processes.md
│   ├── Detection Indicators.md
│   ├── Event Viewer.md
│   ├── Sigma.md
│   ├── Sysmon.md
│   ├── Windows Event IDs.md
│   └── YARA.md
└── Tools
    ├── Forensic Tools
    │   ├── Binwalk.md
    │   ├── Tools.md
    │   └── Volatility Framework.md
    ├── Palo Alto Networks
    │   └── Data Lake.md
    └── SIEM
        └── Splunk
            ├── Adding Data.md
            ├── Apps Panel.md
            ├── Apps.md
            ├── Navigation.md
            └── Queries.md

/Cyber Security Frameworks/Cyber Kill Chain.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Cyber Security Frameworks/Cyber Kill Chain.md

/Cyber Security Frameworks/Diamond Model.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Cyber Security Frameworks/Diamond Model.md

/Cyber Security Frameworks/MITRE.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Cyber Security Frameworks/MITRE.md

/Cyber Security Frameworks/The Pyramid Of Pain.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Cyber Security Frameworks/The Pyramid Of Pain.md

/Cyber Security Frameworks/Unified Kill Chain.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Cyber Security Frameworks/Unified Kill Chain.md

/Cyber Threat Intelligence (CTI)/Definition.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Cyber Threat Intelligence (CTI)/Definition.md

/Digital Forensics/Cross-platform/Browsers.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Cross-platform/Browsers.md

/Digital Forensics/Cross-platform/Cloud Forensics.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Cross-platform/Cloud Forensics.md

/Digital Forensics/Cross-platform/Database Forensics.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Cross-platform/Database Forensics.md

/Digital Forensics/Cross-platform/Email Forensics.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Cross-platform/Email Forensics.md

/Digital Forensics/Cross-platform/Extensible Storage Engine (ESE).md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Cross-platform/Extensible Storage Engine (ESE).md

/Digital Forensics/Hypervisors/Memory Files.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Hypervisors/Memory Files.md

/Digital Forensics/Hypervisors/VMWare/Artifacts.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Hypervisors/VMWare/Artifacts.md

/Digital Forensics/Hypervisors/VMWare/Memory Dump Creation.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Hypervisors/VMWare/Memory Dump Creation.md

/Digital Forensics/Hypervisors/VirtualBox/Artifacts.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Hypervisors/VirtualBox/Artifacts.md

/Digital Forensics/Hypervisors/VirtualBox/Memory Dump Creation.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Hypervisors/VirtualBox/Memory Dump Creation.md

/Digital Forensics/Linux/Artifacts/Audit Trail.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/Audit Trail.md

/Digital Forensics/Linux/Artifacts/Authentication Logs.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/Authentication Logs.md

/Digital Forensics/Linux/Artifacts/Evidence of Execution.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/Evidence of Execution.md

/Digital Forensics/Linux/Artifacts/Group Information.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/Group Information.md

/Digital Forensics/Linux/Artifacts/Login Information.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/Login Information.md

/Digital Forensics/Linux/Artifacts/More Log Files.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/More Log Files.md

/Digital Forensics/Linux/Artifacts/Network Configuration.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/Network Configuration.md

/Digital Forensics/Linux/Artifacts/OS Release.md:
### Location: /etc/os-release

/Digital Forensics/Linux/Artifacts/Persistence Mechanisms.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/Persistence Mechanisms.md

/Digital Forensics/Linux/Artifacts/Sudoers List.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/Sudoers List.md

/Digital Forensics/Linux/Artifacts/System Configuration.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/System Configuration.md

/Digital Forensics/Linux/Artifacts/User Accounts.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Artifacts/User Accounts.md

/Digital Forensics/Linux/Commands.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Commands.md

/Digital Forensics/Linux/Create a forensic image.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Create a forensic image.md

/Digital Forensics/Linux/ELF_LOGFILE_HEADER.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/ELF_LOGFILE_HEADER.md

/Digital Forensics/Linux/Tools/Rootkit Hunting.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Linux/Tools/Rootkit Hunting.md

/Digital Forensics/Mobile/Android Forensics.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Mobile/Android Forensics.md

/Digital Forensics/Mobile/Cellular Networks.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Mobile/Cellular Networks.md

/Digital Forensics/Mobile/General.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Mobile/General.md

/Digital Forensics/Mobile/IOS Forensics.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Mobile/IOS Forensics.md

/Digital Forensics/Mobile/SIM Cloning.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Mobile/SIM Cloning.md

/Digital Forensics/Theory/Anti-Forensics Techniques.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/Anti-Forensics Techniques.md

/Digital Forensics/Theory/Cold vs Live Forensics.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/Cold vs Live Forensics.md

/Digital Forensics/Theory/DFIR Process.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/DFIR Process.md

/Digital Forensics/Theory/Data Acquisition Formats.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/Data Acquisition Formats.md

/Digital Forensics/Theory/Data Acquisition Methods.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/Data Acquisition Methods.md

/Digital Forensics/Theory/Forensic Evidence Collection.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/Forensic Evidence Collection.md

/Digital Forensics/Theory/Golden Rules of Forensics.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/Golden Rules of Forensics.md

/Digital Forensics/Theory/Imaging.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/Imaging.md

/Digital Forensics/Theory/Phases of Forensic Investigation.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Theory/Phases of Forensic Investigation.md

/Digital Forensics/Windows/Artifacts/Evidence of Execution.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Windows/Artifacts/Evidence of Execution.md

/Digital Forensics/Windows/Artifacts/External Devices-USB Device Forensics.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Windows/Artifacts/External Devices-USB Device Forensics.md

/Digital Forensics/Windows/Artifacts/Windows Registry.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Windows/Artifacts/Windows Registry.md

/Digital Forensics/Windows/Commands.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Windows/Commands.md

/Digital Forensics/Windows/NTFS/Evidence of Execution.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Windows/NTFS/Evidence of Execution.md

/Digital Forensics/Windows/NTFS/Features.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Windows/NTFS/Features.md

/Digital Forensics/Windows/NTFS/MFT Critical Files.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Windows/NTFS/MFT Critical Files.md

/Digital Forensics/Windows/Windows Restore Points.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Digital Forensics/Windows/Windows Restore Points.md

/Email Security/Email Authentication.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Email Security/Email Authentication.md

/Email Security/Email Flow.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Email Security/Email Flow.md

/Email Security/Email Gateway Logs.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Email Security/Email Gateway Logs.md

/Email Security/Email Header Analysis.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Email Security/Email Header Analysis.md

/Email Security/Email X-Headers.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Email Security/Email X-Headers.md

/Email Security/Email log artifacts.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Email Security/Email log artifacts.md

/Email Security/Email sender domain and SMTP server investigation.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Email Security/Email sender domain and SMTP server investigation.md

/Incident Response/Frameworks.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Incident Response/Frameworks.md

/Incident Response/Incident Response Lifecycle.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Incident Response/Incident Response Lifecycle.md

/Incident Response/Playbooks.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Incident Response/Playbooks.md

/LICENSE.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/LICENSE.md

/Malware Analysis/Stages.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Malware Analysis/Stages.md

/Malware Analysis/Windows API calls.md:
## Resource: https://malapi.io/

/README.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/README.md

/Theory/Rootkits.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Theory/Rootkits.md

/Theory/SIEM Alerts.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Theory/SIEM Alerts.md

/Theory/SIEM.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Theory/SIEM.md

/Theory/Threat Modelling.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Theory/Threat Modelling.md

/Threat Hunting/Core Windows Processes.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Threat Hunting/Core Windows Processes.md

/Threat Hunting/Detection Indicators.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Threat Hunting/Detection Indicators.md

/Threat Hunting/Event Viewer.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Threat Hunting/Event Viewer.md

/Threat Hunting/Sigma.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Threat Hunting/Sigma.md

/Threat Hunting/Sysmon.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Threat Hunting/Sysmon.md

/Threat Hunting/Windows Event IDs.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Threat Hunting/Windows Event IDs.md

/Threat Hunting/YARA.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Threat Hunting/YARA.md

/Tools/Forensic Tools/Binwalk.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/Forensic Tools/Binwalk.md

/Tools/Forensic Tools/Tools.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/Forensic Tools/Tools.md

/Tools/Forensic Tools/Volatility Framework.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/Forensic Tools/Volatility Framework.md

/Tools/Palo Alto Networks/Data Lake.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/Palo Alto Networks/Data Lake.md

/Tools/SIEM/Splunk/Adding Data.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/SIEM/Splunk/Adding Data.md

/Tools/SIEM/Splunk/Apps Panel.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/SIEM/Splunk/Apps Panel.md

/Tools/SIEM/Splunk/Apps.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/SIEM/Splunk/Apps.md

/Tools/SIEM/Splunk/Navigation.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/SIEM/Splunk/Navigation.md

/Tools/SIEM/Splunk/Queries.md:
https://raw.githubusercontent.com/H3llKa1ser/SOC-Assistant-Guide/HEAD/Tools/SIEM/Splunk/Queries.md