Cheat sheets for threat hunting, detection and other stuff.
☆34Oct 7, 2022Updated 3 years ago
Alternatives and similar repositories for Cheat-Sheets
Users that are interested in Cheat-Sheets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Community content for LogRhythm Axon. Includes Dashboards, searches, analytics rules, processing policies and more.☆10Jul 26, 2024Updated last year
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆812Jan 14, 2026Updated 3 months ago
- Random tips and tricks RE: ransomware☆14Aug 17, 2021Updated 4 years ago
- Reference sheet for Threat Hunting Professional Course☆26Mar 10, 2019Updated 7 years ago
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…☆26Jun 30, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- Azure AD Incident Response☆28Oct 8, 2021Updated 4 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- ☆72Oct 21, 2024Updated last year
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆108Mar 12, 2026Updated last month
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Threat Hunter's Knowledge Base☆22Dec 27, 2021Updated 4 years ago
- ☆68May 13, 2022Updated 3 years ago
- DeTT&CT Editor☆12Apr 29, 2026Updated last week
- A proof-of-concept DLL that prints out the password a user enters into Veracrypt while decrypting a volume.☆15Oct 26, 2018Updated 7 years ago
- ☆21May 8, 2022Updated 3 years ago
- Threat Hunting & Incident Investigation with Osquery☆217Mar 30, 2022Updated 4 years ago
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆35Jul 23, 2024Updated last year
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- Collection of scripts to extract Azure resource information to support security compliance audit.☆22Jan 18, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆11Dec 9, 2025Updated 4 months ago
- /dev/tty☆29Mar 31, 2026Updated last month
- Collection of Dashboards for Threat Hunting and more!☆75Oct 17, 2020Updated 5 years ago
- ☆38Aug 23, 2022Updated 3 years ago
- ☆77Jun 25, 2019Updated 6 years ago
- ☆82Sep 29, 2025Updated 7 months ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Jul 27, 2020Updated 5 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆21Jul 1, 2023Updated 2 years ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆34Nov 16, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Oct 28, 2023Updated 2 years ago
- Rules Shared by the Community from 100 Days of YARA 2023☆78Apr 12, 2023Updated 3 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later☆20Feb 23, 2016Updated 10 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Oct 31, 2017Updated 8 years ago
- This repo is where I store my Threat Hunting ideas/content☆90Mar 20, 2026Updated last month
- A collection of small scripts and tools for deobfuscation and malware analysis.☆67Mar 27, 2023Updated 3 years ago
- Use DNS to hunt for threats including DGAs☆15Jan 4, 2016Updated 10 years ago