JPCERTCC / DetectLM
Detecting Lateral Movement with Machine Learning
☆137Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for DetectLM
- PowerShell No Agent Hunting☆108Updated 6 years ago
- Mitre Att&ck Technique Emulation☆82Updated 5 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆106Updated 4 years ago
- TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…☆148Updated 6 months ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆115Updated 4 years ago
- Simulating Adversary Operations☆93Updated 6 years ago
- ☆347Updated 3 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆71Updated 3 years ago
- Understanding ATT&CK Matrix for Enterprise☆79Updated 6 years ago
- Threat Alert Logic Repository☆89Updated 5 years ago
- Repository for my ATT&CK analysis research.☆68Updated 5 years ago
- ☆158Updated 3 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆162Updated 5 years ago
- Automated Tactics Techniques & Procedures☆250Updated last year
- IR-Tools - PowerShell tools for IR☆128Updated 7 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆86Updated 2 years ago
- Sandbox feature upgrade with the help of wrapped samples☆75Updated 6 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆79Updated 3 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆255Updated 5 years ago
- Splunk App for MITRE Att&CK Navigator(TM)☆23Updated 3 years ago
- Malware/IOC ingestion and processing engine☆103Updated 6 years ago
- Test Blue Team detections without running any attack.☆271Updated 6 months ago
- All materials from our Black Hat 2018 "Subverting Sysmon" talk☆136Updated 6 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆112Updated 5 years ago
- Repo containing docker-compose files and setup scripts without having to clone the individual reternal components☆107Updated 3 years ago
- Repository of yara rules☆60Updated last year
- Tools for the Computer Incident Response Team☆142Updated 7 years ago
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API☆367Updated 5 years ago
- Invoke-LiveResponse☆145Updated 2 years ago