☆115Jan 31, 2024Updated 2 years ago
Alternatives and similar repositories for CB-Threat-Hunting
Users that are interested in CB-Threat-Hunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Collection of useful, up to date, Carbon Black Response Queries☆85Oct 23, 2020Updated 5 years ago
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- Queries for Carbon Black Response☆11Feb 11, 2020Updated 6 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit☆241Jul 22, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20May 25, 2022Updated 3 years ago
- Searches For Threat Hunting and Security Analytics☆239Mar 26, 2025Updated last year
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,544Jan 12, 2026Updated 3 months ago
- Carbon Black Response IR tool☆56Dec 10, 2020Updated 5 years ago
- A collection of resources for Threat Hunters☆917Oct 15, 2024Updated last year
- Threat Hunting & Incident Investigation with Osquery☆219Mar 30, 2022Updated 4 years ago
- ☆168Jan 20, 2021Updated 5 years ago
- ☆21Feb 10, 2021Updated 5 years ago
- Carbon Black API - Python language bindings☆146Aug 22, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- Mitre Att&ck Technique Emulation☆82Mar 6, 2019Updated 7 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆731Jan 21, 2020Updated 6 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,182Jul 26, 2023Updated 2 years ago
- Detecting ATT&CK techniques & tactics for Linux☆257Oct 1, 2020Updated 5 years ago
- Defence Against the Dark Arts☆34Sep 15, 2019Updated 6 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆38Feb 23, 2026Updated 2 months ago
- Actionable analytics designed to combat threats☆1,009May 25, 2022Updated 3 years ago
- Collecting & Hunting for IOCs with gusto and style☆241Aug 1, 2021Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- event shipper for Carbon Black Defense notifications☆10Feb 25, 2023Updated 3 years ago
- An informational repo about hunting for adversaries in your IT environment.☆1,864Nov 17, 2021Updated 4 years ago
- virustotal API-based project for checking the list of hashes against virustotal.com database☆11Feb 26, 2018Updated 8 years ago
- Sample queries for Advanced hunting in Microsoft 365 Defender☆2,058Feb 17, 2022Updated 4 years ago
- A repository of my own Sigma detection rules.☆165Nov 25, 2025Updated 5 months ago
- Volatility plugins developed and maintained by the community☆22Sep 18, 2024Updated last year
- Anything related to Ghidra☆12Apr 22, 2019Updated 7 years ago
- ☆176Updated this week
- CB API scripts for IR, administration, etc.☆32Jun 3, 2019Updated 6 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆1,093May 1, 2019Updated 7 years ago
- Connector for pulling and converting STIX information from TAXII Service Providers into CB Feeds.☆15Jul 1, 2022Updated 3 years ago
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆72Feb 20, 2026Updated 2 months ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Aug 3, 2019Updated 6 years ago
- Framework that sits on top of Splunk Enterprise Security to do auto-mitigation☆14Dec 29, 2014Updated 11 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆169Dec 10, 2018Updated 7 years ago
- Windows Events Attack Samples☆2,554Jan 24, 2023Updated 3 years ago