meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
soc:tools:start [2026/06/10 14:36] titannetsoc:tools:start [2026/06/10 15:04] (current) titannet
Line 6: Line 6:
   * [[kibana]]   * [[kibana]]
   * [[splunk]]   * [[splunk]]
- 
  
  
 ===== Network ===== ===== Network =====
  
-[[wireshark]]+  * [[wireshark]]
  
  
Line 17: Line 16:
 ===== IR ===== ===== IR =====
  
-  * [[x-ways]]+  * [[velociraptor]] 
 +    * remote artefact collection and administration 
 +  * [[iris]] 
 +    * Collaborative Incident Response Platform 
 +  * [[x_ways]]
   * [[axiom]]   * [[axiom]]
-  * [[f-Response]]+  * [[f_Response]]
   * [[arsenal_image_mounter]]   * [[arsenal_image_mounter]]
   * [[magnet_ram_capture]]   * [[magnet_ram_capture]]
Line 56: Line 59:
   * [[usp]]   * [[usp]]
     * TZWorks, USB parser     * TZWorks, USB parser
 +  * [[sysinternals]]
 +    * tcpview, resmon, 
  
  
 ===== Malware Analysis ===== ===== Malware Analysis =====
  
-[[https://threatfox.abuse.ch]] +  * [[https://threatfox.abuse.ch]] 
-[[https://bazaar.abuse.ch]] +  [[https://bazaar.abuse.ch]] 
-[[https://thalosintelligence.com]] +  [[https://thalosintelligence.com]] 
-[[https://www.virustotal.com]]+  [[https://www.virustotal.com]]
  
  
Line 77: Line 82:
  
  
 +==== Active Directory ====
 +
 + * [[ping_castle]]