BlackPerl-DFIR / SOC-OpenSource

Related projects ⓘ

Alternatives and complementary repositories for SOC-OpenSource

• cyb3rxp / awesome-soc
  A collection of sources of documentation, as well as field best practices, to build/run a SOC
  ☆1,235Updated last week
• counteractive / incident-response-plan-template
  A concise, directive, specific, flexible, and free incident response plan template
  ☆650Updated 6 months ago
• socfortress / Wazuh-Rules
  Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
  ☆597Updated 2 months ago
• certsocietegenerale / IRM
  Incident Response Methodologies 2022
  ☆979Updated 9 months ago
• guardsight / gsvsoc_cirt-playbook-battle-cards
  Cyber Incident Response Team Playbook Battle Cards
  ☆360Updated 6 months ago
• ch33r10 / EnterprisePurpleTeaming
  Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
  ☆642Updated last year
• socfortress / Playbooks
  Playbooks for SOC Analysts
  ☆144Updated last year
• atc-project / atc-react
  A knowledge base of actionable Incident Response techniques
  ☆614Updated 2 years ago
• bluecapesecurity / PWF
  Practical Windows Forensics Training
  ☆617Updated 8 months ago
• infosecB / awesome-detection-engineering
  Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…
  ☆849Updated 2 months ago
• BushidoUK / Open-source-tools-for-CTI
  Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
  ☆595Updated 3 weeks ago
• vm32 / Linux-Incident-Response
  practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
  ☆368Updated 10 months ago
• correlatedsecurity / Awesome-SOAR
  A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.
  ☆812Updated 2 months ago
• scythe-io / purple-team-exercise-framework
  Purple Team Exercise Framework
  ☆624Updated 10 months ago
• mthcht / awesome-lists
  Awesome Security lists for SOC/CERT/CTI
  ☆714Updated this week
• splunk / botsv3
  Splunk Boss of the SOC version 3 dataset.
  ☆291Updated 4 years ago
• mdecrevoisier / EVTX-to-MITRE-Attack
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆528Updated 2 months ago
• Bert-JanP / Open-Source-Threat-Intel-Feeds
  This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…
  ☆563Updated 4 months ago
• LetsDefend / awesome-soc-analyst
  Useful resources for SOC Analyst and SOC Analyst candidates.
  ☆626Updated last year
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆471Updated last week
• splunk / attack_data
  A repository of curated datasets from various attacks
  ☆588Updated this week
• cyb3rfox / Aurora-Incident-Response
  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  ☆767Updated last year
• TonyPhipps / SIEM
  SIEM Tactics, Techiques, and Procedures
  ☆586Updated 3 weeks ago
• stuhli / awesome-event-ids
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆588Updated 5 months ago
• splunk / security_content
  Splunk Security Content
  ☆1,295Updated this week
• MISP / misp-docker
  A production ready Dockered MISP
  ☆168Updated this week
• LetsDefend / SOC-Interview-Questions
  SOC Interview Questions
  ☆1,053Updated 2 months ago
• Arudjreis / awesome-security-GRC
  Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).
  ☆609Updated 3 months ago
• zdhenard42 / SOC-Multitool
  A powerful and user-friendly browser extension that streamlines investigations for security professionals.
  ☆338Updated 3 months ago