DefensiveOrigins / DO-LAB

Related projects ⓘ

Alternatives and complementary repositories for DO-LAB

• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 2 months ago
• reprise99 / 4688-sysmon
  ☆48Updated last year
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆85Updated last year
• secgroundzero / KQL_Reference_Manual
  ☆40Updated 3 years ago
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 7 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆35Updated 11 months ago
• rj-chap / ransomware_tips
  Random tips and tricks RE: ransomware
  ☆14Updated 3 years ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆44Updated 7 months ago
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆56Updated last week
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆125Updated 2 years ago
• mr-r3b00t / KQL
  This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet
  ☆10Updated last year
• bengoerz / PurpleTeamDocs
  ☆28Updated 4 years ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆25Updated 6 months ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 6 months ago
• humio / security_monitoring
  ☆40Updated last year
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆64Updated 2 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆47Updated 2 weeks ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆46Updated 11 months ago
• mvelazc0 / msInvader
  M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry.
  ☆112Updated this week
• rootsecdev / Presentations
  Presentations from Conferences
  ☆26Updated 2 months ago
• jangeisbauer / gundog
  gundog - guided hunting in Microsoft Defender
  ☆52Updated 3 years ago
• PlumHound / PlumHound-Tasks
  Community Tasks/Plans for PlumHound Queueing
  ☆23Updated last year
• malwarejake-public / conference-presentations
  Conference presentations
  ☆47Updated last year
• svch0stz / velociraptor-detections
  ☆19Updated last year
• WillOram / AzureAD-incident-response
  Notes on responding to security breaches relating to Azure AD
  ☆96Updated 2 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆70Updated last month
• archanchoudhury / Threat-Hunting
  This Repository gives the best and possible strategies against hunting the ransomware
  ☆24Updated 2 years ago
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆73Updated this week
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆97Updated 2 years ago
• CyberDefend3r / PowerShell-Deobfuscation-Exercise
  An exercise to practice deobfuscating PowerShell Scripts.
  ☆28Updated last year