Cheat sheets for threat hunting, detection and other stuff.
☆34Oct 7, 2022Updated 3 years ago
Alternatives and similar repositories for Cheat-Sheets
Users that are interested in Cheat-Sheets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Community content for LogRhythm Axon. Includes Dashboards, searches, analytics rules, processing policies and more.☆10Jul 26, 2024Updated last year
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆813Jan 14, 2026Updated 5 months ago
- Random tips and tricks RE: ransomware☆14Aug 17, 2021Updated 4 years ago
- Security even with a small budget - there is no excuse!☆20May 24, 2023Updated 3 years ago
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…☆26Jun 30, 2021Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆13Sep 30, 2022Updated 3 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 4 years ago
- Azure AD Incident Response☆28Oct 8, 2021Updated 4 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆210Jul 21, 2022Updated 3 years ago
- ☆72Oct 21, 2024Updated last year
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆108Mar 12, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆13Feb 6, 2018Updated 8 years ago
- Threat Hunter's Knowledge Base☆23Dec 27, 2021Updated 4 years ago
- ☆68May 13, 2022Updated 4 years ago
- DeTT&CT Editor☆12Jun 2, 2026Updated last week
- A proof-of-concept DLL that prints out the password a user enters into Veracrypt while decrypting a volume.☆15Oct 26, 2018Updated 7 years ago
- ☆21May 8, 2022Updated 4 years ago
- Threat Hunting & Incident Investigation with Osquery☆219Mar 30, 2022Updated 4 years ago
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆35Jul 23, 2024Updated last year
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Collection of scripts to extract Azure resource information to support security compliance audit.☆22Jan 18, 2022Updated 4 years ago
- ☆14Jun 1, 2026Updated 2 weeks ago
- /dev/tty☆29May 22, 2026Updated 3 weeks ago
- Collection of Dashboards for Threat Hunting and more!☆76Oct 17, 2020Updated 5 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Apr 10, 2020Updated 6 years ago
- ☆39Aug 23, 2022Updated 3 years ago
- ☆78Jun 25, 2019Updated 6 years ago
- ☆83Sep 29, 2025Updated 8 months ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆35Nov 16, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Oct 28, 2023Updated 2 years ago
- Rules Shared by the Community from 100 Days of YARA 2023☆78Apr 12, 2023Updated 3 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later☆20Feb 23, 2016Updated 10 years ago
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆27Mar 20, 2025Updated last year
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Oct 31, 2017Updated 8 years ago
- This repo is where I store my Threat Hunting ideas/content☆90Mar 20, 2026Updated 2 months ago
- A collection of small scripts and tools for deobfuscation and malware analysis.☆67Mar 27, 2023Updated 3 years ago