0xtibs / Threat_Intel
Automating simple report creating of threat intelligence using ChatGPT and Greynoise API.
☆10Updated last year
Alternatives and similar repositories for Threat_Intel
Users that are interested in Threat_Intel are comparing it to the libraries listed below
Sorting:
- CSIRT Jump Bag☆26Updated last year
- ☆13Updated 4 months ago
- My Jupyter Notebooks☆36Updated 2 months ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆22Updated 4 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆88Updated 9 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆111Updated 5 months ago
- SigmaHQ pySigma CrowdStrike processing pipeline☆26Updated 7 months ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆41Updated last year
- Conference presentations☆47Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆51Updated 6 months ago
- ☆41Updated 2 years ago
- A preconfigured Velociraptor triage collector☆51Updated last week
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier.☆26Updated last year
- Azure function to insert MISP data in to Azure Sentinel☆32Updated 2 years ago
- ☆72Updated 6 months ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆19Updated last year
- ☆23Updated 8 months ago
- Logbook for Digital Forensics and Incident Response☆50Updated 10 months ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆70Updated last year
- ☆16Updated 2 years ago
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated last year
- Crowdstrike response script containing various functions for IR/triage☆12Updated 4 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 3 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated 7 months ago
- Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…☆15Updated last year
- A collection of various SIEM rules relating to malware family groups.☆66Updated 10 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆55Updated 2 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆88Updated 6 months ago
- Remote access and Antivirus Logging Database☆42Updated last year