CCXLabs / CCXDiggerLinks
The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
☆45Updated 5 years ago
Alternatives and similar repositories for CCXDigger
Users that are interested in CCXDigger are comparing it to the libraries listed below
Sorting:
- A community event for security researchers to share their favorite notebooks☆108Updated last year
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆115Updated last year
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- ☆88Updated last month
- Resources for SANS CTI Summit 2021 presentation☆103Updated last year
- Repository for SPEED SIEM Use Case Framework☆56Updated 5 years ago
- Recon Hunt Queries☆78Updated 4 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆84Updated 4 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆110Updated 5 years ago
- ☆42Updated 4 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆54Updated 3 years ago
- Python library for threat intelligence☆89Updated 8 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- Detection Ideas & Rules repository.☆179Updated 4 years ago
- Sigma Detection Rule Repository☆89Updated 5 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆125Updated 3 years ago
- ☆77Updated 6 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 3 years ago
- ☆12Updated 10 months ago
- ☆35Updated 11 months ago
- Converts Sigma detection rules to a Splunk alert configuration.☆112Updated 5 years ago
- CSIRT Jump Bag☆26Updated last year
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆84Updated last year
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆42Updated 2 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆75Updated last year
- Collection of resources related to the Center for Threat-Informed Defense☆76Updated last year
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆25Updated 6 years ago