BadSamuraiDev / awesome-security-ce

Related projects: ⓘ

• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆49Updated 2 years ago
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆93Updated 6 months ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆37Updated 4 months ago
• enisaeu / CNW
  Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States…
  ☆47Updated last week
• Velocidex / velociraptor-docs
  Documentation site for Velociraptor
  ☆35Updated this week
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆113Updated 9 months ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆105Updated last year
• fr0gger / jupyter-collection
  Collection of Jupyter Notebooks by @fr0gger_
  ☆139Updated 2 weeks ago
• BushidoUK / CTI-Lexicon
  Dictionary of CTI-related acronyms, terms, and jargon
  ☆129Updated 9 months ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆40Updated 4 months ago
• cisagov / ioc-scanner
  Search a filesystem for indicators of compromise (IoC).
  ☆66Updated 3 weeks ago
• sans-blue-team / sec530-wiki
  ☆51Updated 3 years ago
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆86Updated 3 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆19Updated 2 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆66Updated last year
• WillOram / cyber-incident-management
  Notes on managing and coordinating the response to major cyber incidents
  ☆38Updated 4 years ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆76Updated 8 months ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆55Updated 4 months ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆108Updated 3 years ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆40Updated this week
• invictus-ir / o365_dataset
  A dataset containing Office 365 Unified Audit Logs for security research and detection
  ☆41Updated 2 years ago
• SigmaHQ / pySigma-backend-crowdstrike
  SigmaHQ pySigma CrowdStrike processing pipeline
  ☆18Updated this week
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆64Updated 6 months ago
• PacktPublishing / Automating-Security-Detection-Engineering
  Automating Security Detection Engineering, published by Packt
  ☆42Updated 3 months ago
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆62Updated last year
• TheHive-Project / Zerofox2TH
  Zerofox Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆36Updated 4 years ago
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆89Updated last year
• AndrewRathbun / Awesome-KAPE
  A curated list of KAPE-related resources
  ☆154Updated 4 months ago
• malwarejake-public / conference-presentations
  Conference presentations
  ☆45Updated 11 months ago
• BinaryDefense / ThreatHuntingJupyterNotebooks
  ☆58Updated 2 years ago