CyberSecOps / ThreatHunter-Playbook
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
☆12Updated 8 months ago
Related projects ⓘ
Alternatives and complementary repositories for ThreatHunter-Playbook
- SIEM Cheat Sheet☆72Updated last year
- MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository☆109Updated last year
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆75Updated 11 months ago
- ☆61Updated 3 years ago
- Some Threat Hunting queries useful for blue teamers☆123Updated 2 years ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 6 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆75Updated 6 months ago
- CarbonBlack EDR detection rules and response actions☆71Updated 2 months ago
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆36Updated 3 years ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆85Updated last year
- Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t…☆115Updated 3 months ago
- ☆72Updated this week
- ☆43Updated last month
- Docker Crash Course: How to containerize your favorite security tools☆27Updated last year
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆110Updated 7 months ago
- Repository resource for threat hunter☆158Updated 6 years ago
- This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework☆26Updated last year
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆59Updated 3 weeks ago
- Useful resources about phishing email analysis☆76Updated 2 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆52Updated last month
- List of tools and resources for pentesting Microsoft Active Directory☆28Updated this week
- Cloud-based AD lab created to help you test real attacks in a controlled environment and create detection rules for them☆26Updated 9 months ago
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- The Threat Actor Profile Guide for CTI Analysts☆97Updated last year
- Yoink is a quick tool for use with Obsidian that will allow you to take a markdown file and package it up into a folder that will allow y…☆13Updated last year
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆71Updated 2 years ago
- ☆28Updated 4 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆125Updated 2 years ago