CyberCastle-Blueteam / OpenThreatDetectionRules

Related projects: ⓘ

• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆32Updated last year
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆47Updated 3 weeks ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆85Updated last year
• svch0stz / velociraptor-detections
  ☆19Updated last year
• blacklanternsecurity / sigma-rules
  A collection of Sigma rules organized by MITRE ATT&CK technique
  ☆15Updated 3 years ago
• 3gbCyber / IR-Last-Write-Time
  Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
  ☆27Updated last year
• CyberSecurityUP / Adversary-Emulation-Matrix
  ☆59Updated 3 years ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• CrowdStrike / xwf-yara-scanner
  ☆84Updated 7 months ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆81Updated 3 weeks ago
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆64Updated 2 years ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆70Updated last week
• archanchoudhury / Detection-Rule-Dump
  This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.
  ☆36Updated 3 years ago
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆59Updated 2 months ago
• Dead-Simple-Scripts / AutoLLR
  Script to automate Linux live evidence collection
  ☆27Updated 2 years ago
• dfircheatsheet / dfircheatsheet.github.io
  ☆61Updated last year
• secnnet / CrowdStrike-Falcon-Search-Queries
  ☆13Updated last year
• pr0xylife / Emotet
  IOC Collection 2022
  ☆55Updated last year
• edelucia / rules
  Cyber Threats Detection Rules
  ☆13Updated last week
• MalTrakLab / purple-team-cloud-lab
  Cloud-based AD lab created to help you test real attacks in a controlled environment and create detection rules for them
  ☆26Updated 6 months ago
• pr0xylife / pr0xylife
  Config files for my GitHub profile.
  ☆15Updated last year
• TazWake / Public
  Collection of scripts provided for public use
  ☆28Updated last month
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 4 months ago
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆113Updated 9 months ago
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆84Updated last year
• nrrpinto / inquisitor
  Forensics artifacts collection
  ☆19Updated 3 years ago
• Cyb3r-Monk / Cheat-Sheets
  Cheat sheets for threat hunting, detection and other stuff.
  ☆31Updated last year
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆75Updated 4 months ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆76Updated last year