host-triage

Here are 3 public repositories matching this topic...

Compcode1 / lsass-memory-scraping

The case illustrates the power of structured host-based triage — beginning with logs and EDR, and moving through file inspection, RAM capture, and finally, network artifact confirmation.

cybersecurity digital-forensics memory-forensics mimikatz lsass credential-dumping windows-forensics host-triage powershell-analysis edr-analysis cybersecurity-case-study

Updated May 1, 2025
Jupyter Notebook

Compcode1 / ioc6-credential-access

Star

This case study documents a stealthy credential-harvesting technique in which the attacker used a lightweight binary (browserdump.exe) to extract stored credentials from browser cache files—specifically Chrome and Edge—without elevating privileges or triggering persistence indicators.

credential-theft host-triage edr-analysis browser-harvesting ioc-case-study

Updated May 12, 2025
Jupyter Notebook

Compcode1 / ioc13-arp-spoofing

Star

ARP Spoofing is not an isolated event—it is the tactical execution of a mid-stage attacker who has already compromised a host and now seeks to manipulate local traffic routing for stealthy gain.

network-forensics arp-spoofing intrusion-analysis host-triage layer2-security

Updated May 19, 2025
Jupyter Notebook

Improve this page

Add a description, image, and links to the host-triage topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the host-triage topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly