CyberCastle-Blueteam / OpenThreatDetectionRules
A collection of open source threat detection rules created by Cyber Castle's team.
☆14 · Updated 2 years ago
Related projects:
- Random notes collected on the intertubes relating to DFIR ☆32 · Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project ☆47 · Updated 3 weeks ago
- This repo is where I store my Threat Hunting ideas/content ☆85 · Updated last year
- A collection of Sigma rules organized by MITRE ATT&CK technique ☆15 · Updated 3 years ago
- Simple script to help you find all files that have been modified, accessed, and created in a time range ☆27 · Updated last year
- User Feedback Space of #MitreAssistant ☆37 · Updated last year
- Library of threat hunts to get any user started! ☆40 · Updated 4 years ago
- Full of public notes and utilities ☆81 · Updated 3 weeks ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments ☆64 · Updated 2 years ago
- CarbonBlack EDR detection rules and response actions ☆70 · Updated last week
- This is the one-stop place where you can find several detection rules that can help you kick-start your journey in SIEM and SOC work. ☆36 · Updated 3 years ago
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data. ☆59 · Updated 2 months ago
- Script to automate Linux live evidence collection ☆27 · Updated 2 years ago
- IOC Collection 2022 ☆55 · Updated last year
- Cyber Threats Detection Rules ☆13 · Updated last week
- Cloud-based AD lab created to help you test real attacks in a controlled environment and create detection rules for them ☆26 · Updated 6 months ago
- Config files for my GitHub profile. ☆15 · Updated last year
- Collection of scripts provided for public use ☆28 · Updated last month
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on ☆81 · Updated 4 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆113 · Updated 9 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… ☆84 · Updated last year
- Forensics artifacts collection ☆19 · Updated 3 years ago
- Cheat sheets for threat hunting, detection and other stuff. ☆31 · Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆75 · Updated 4 months ago
- Rules shared by the community from 100 Days of YARA 2023 ☆76 · Updated last year