AdvancedThreatAnalytics / threat-analytics-search
Threat Analytics Search Chrome Extension
☆12Updated last year
Alternatives and similar repositories for threat-analytics-search:
Users that are interested in threat-analytics-search are comparing it to the libraries listed below
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆22Updated 3 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆55Updated 3 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆132Updated 2 years ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆110Updated 4 months ago
- Web based S1 query navigator for one-click threat hunting☆18Updated 4 years ago
- ☆33Updated 6 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆39Updated 11 months ago
- SigmaHQ pySigma CrowdStrike processing pipeline☆24Updated 5 months ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆40Updated 4 years ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆52Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆66Updated last year
- ☆72Updated 5 months ago
- Convert Sigma rules to LogRhythm searches☆20Updated 3 years ago
- My Jupyter Notebooks☆36Updated 2 weeks ago
- Azure function to insert MISP data in to Azure Sentinel☆31Updated 2 years ago
- A community event for security researchers to share their favorite notebooks☆107Updated last year
- ☆6Updated 5 months ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- A preconfigured Velociraptor triage collector☆46Updated this week
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆36Updated last week
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation☆25Updated 11 months ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆114Updated last year
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆80Updated last year
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 2 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆76Updated 4 months ago
- ☆42Updated 4 years ago
- Recon Hunt Queries☆76Updated 3 years ago
- pocket guide for core detection engineering concepts☆28Updated last year
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Updated 4 years ago
- Anvilogic Forge☆95Updated 2 weeks ago