This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team
☆20Oct 9, 2024Updated last year
Alternatives and similar repositories for IR-Cheatsheets
Users that are interested in IR-Cheatsheets are comparing it to the libraries listed below
Sorting:
- This Repository gives the best and possible strategies against hunting the ransomware☆26Aug 23, 2022Updated 3 years ago
- ☆12Feb 9, 2025Updated last year
- Threat Hunt Investigation Methodology and Procedure☆15Jul 11, 2022Updated 3 years ago
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once?☆59Jul 7, 2025Updated 8 months ago
- ☆16Feb 11, 2026Updated 3 weeks ago
- CrlfiX☆21Jan 30, 2025Updated last year
- 🔍 SubWatch – Automated Subdomain Monitoring Script☆40Jun 13, 2025Updated 8 months ago
- A summary of the most abbreviations I encountered so far☆28Jan 18, 2026Updated last month
- Advanced Threat Hunting: Ransomware Group☆29Jul 9, 2025Updated 8 months ago
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- ☆32Mar 26, 2024Updated last year
- A collection of reports and case studies to understand the threat landscape for UK critical infrastructure☆38Jan 23, 2024Updated 2 years ago
- This tool can gather a lot of info without any defender alerts. It is useful for Penetration testers, SOC Analysts, System administrators…☆29Apr 9, 2025Updated 11 months ago
- Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam pr…☆112Feb 26, 2026Updated last week
- yara detection rules for hunting with the threathunting-keywords project☆157May 11, 2025Updated 9 months ago
- ☆11Feb 28, 2022Updated 4 years ago
- The official Prelude SIEM GitHub of https://www.prelude-siem.org☆40Jun 12, 2016Updated 9 years ago
- Phishing Framework for OTP codes☆47Nov 24, 2025Updated 3 months ago
- k8s ConfigMaps and Secrets Usage.☆11Jan 24, 2025Updated last year
- WA Cyber Security Unit (DGOV Technical) site☆44Updated this week
- Docker container for running CobaltStrike 4.10☆38Sep 18, 2024Updated last year
- A collection of slides and presentations from BSides Ahmedabad 2024, held on October 12th and 13th. This repository features key insights…☆39Oct 17, 2024Updated last year
- This repository contains scripts about ACL abuse and any other active directory attacking methods.☆36Aug 20, 2023Updated 2 years ago
- ☆29Jan 19, 2026Updated last month
- The OWASP Testing Guide v4.2 Checlist [2023]☆13Jan 15, 2023Updated 3 years ago
- Python script to create CSV, HTML & PDF filtered for repo tags☆13Jul 26, 2024Updated last year
- Port Invaders is an arcade-style educational game designed to help you learn and memorize common networking port numbers. Whether you're …☆17Sep 4, 2023Updated 2 years ago
- ☆11Nov 11, 2023Updated 2 years ago
- ☆13Mar 12, 2025Updated 11 months ago
- This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It…☆14Jul 20, 2025Updated 7 months ago
- ☆11Mar 12, 2020Updated 5 years ago
- HOCig- Automatic HOC Information Gathering Tool V 1.2☆10May 4, 2021Updated 4 years ago
- A repository of my own Sigma detection rules.☆163Nov 25, 2025Updated 3 months ago
- Microsoft Exchange password spray tool with proxy support.☆39Jul 9, 2021Updated 4 years ago
- Initial triage of Windows Event logs☆106Jun 16, 2024Updated last year
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆196Feb 23, 2026Updated 2 weeks ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆193Dec 20, 2024Updated last year
- ☆13May 30, 2025Updated 9 months ago
- [WIP] revamping the repo to publish on hugo themes☆13May 11, 2025Updated 9 months ago