0xAnalyst / CB-Threat-HuntingView external linksLinks
☆115Jan 31, 2024Updated 2 years ago
Alternatives and similar repositories for CB-Threat-Hunting
Users that are interested in CB-Threat-Hunting are comparing it to the libraries listed below
Sorting:
- Collection of useful, up to date, Carbon Black Response Queries☆84Oct 23, 2020Updated 5 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- Searches For Threat Hunting and Security Analytics☆238Mar 26, 2025Updated 10 months ago
- ☆168Jan 20, 2021Updated 5 years ago
- A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit☆240Jul 22, 2021Updated 4 years ago
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- Queries for Carbon Black Response☆11Feb 11, 2020Updated 6 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20May 25, 2022Updated 3 years ago
- Threat Hunting & Incident Investigation with Osquery☆216Mar 30, 2022Updated 3 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,475Jan 12, 2026Updated last month
- A collection of resources for Threat Hunters☆914Oct 15, 2024Updated last year
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Aug 3, 2019Updated 6 years ago
- Carbon Black Response IR tool☆55Dec 10, 2020Updated 5 years ago
- Command line interface to Carbon Black Response☆38May 12, 2020Updated 5 years ago
- Carbon Black API - Python language bindings☆145Aug 22, 2024Updated last year
- The Suspicious Email Submitter is a discontinued browser extension (Chrome, Chromium, Firefox) for the easy submission of suspicious emai…☆15Mar 6, 2023Updated 2 years ago
- Collecting & Hunting for IOCs with gusto and style☆241Aug 1, 2021Updated 4 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,173Jul 26, 2023Updated 2 years ago
- Actionable analytics designed to combat threats☆1,006May 25, 2022Updated 3 years ago
- Mitre Att&ck Technique Emulation☆82Mar 6, 2019Updated 6 years ago
- Sample queries for Advanced hunting in Microsoft 365 Defender☆2,048Feb 17, 2022Updated 3 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆38Jan 17, 2023Updated 3 years ago
- Public release of Whalehoney Honeypot☆29Mar 21, 2022Updated 3 years ago
- An informational repo about hunting for adversaries in your IT environment.☆1,846Nov 17, 2021Updated 4 years ago
- DHCP fingerprints database and related tools☆19Nov 14, 2014Updated 11 years ago
- Detecting ATT&CK techniques & tactics for Linux☆257Oct 1, 2020Updated 5 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆728Jan 21, 2020Updated 6 years ago
- ☆1,093May 1, 2019Updated 6 years ago
- ☆171Updated this week
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,313Jan 22, 2025Updated last year
- Set of PoC for exploits for QRadar SIEM☆15Jan 14, 2018Updated 8 years ago
- Detect Tactics, Techniques & Combat Threats☆2,263Jan 21, 2026Updated 3 weeks ago
- An information security preparedness tool to do adversarial simulation.☆1,142Apr 1, 2019Updated 6 years ago
- Splunk Security Content☆1,568Updated this week
- Defence Against the Dark Arts☆34Sep 15, 2019Updated 6 years ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,439Updated this week
- Windows Events Attack Samples☆2,507Jan 24, 2023Updated 3 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆801Jan 14, 2026Updated last month