KC7-Foundation / kc7
A cybersecurity game in Azure Data Explorer
☆170Updated 9 months ago
Alternatives and similar repositories for kc7:
Users that are interested in kc7 are comparing it to the libraries listed below
- Tools for simulating threats☆183Updated last year
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆201Updated 4 years ago
- Some important DFIR Resources☆83Updated 2 years ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆196Updated 9 months ago
- Repository of attack and defensive information for Business Email Compromise investigations☆250Updated 2 months ago
- MISP Playbooks☆197Updated 2 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆118Updated last year
- Repository of public reference frameworks for the DFIR community.☆116Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆239Updated last month
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆280Updated 8 months ago
- Blue Team detection lab created with Terraform and Ansible in Azure.☆153Updated 5 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 11 months ago
- Windows Malware Investigation Scripts & Docs☆81Updated 5 months ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆123Updated 3 weeks ago
- Some Threat Hunting queries useful for blue teamers☆125Updated 2 years ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆234Updated last month
- Dashboard for conducting Backdoors and Breaches sessions over Zoom.☆114Updated 6 months ago
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆198Updated 7 months ago
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportu…☆207Updated 2 months ago
- Jupyter Notebooks for the Blue Team☆145Updated last month
- Notes on responding to security breaches relating to Azure AD☆110Updated 3 years ago
- Incident Response documents and tooling☆70Updated last year
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆137Updated 3 weeks ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆111Updated 5 months ago
- ☆58Updated 3 years ago
- Tools to automatically create a SANS index based off the course pdf files.☆96Updated 4 years ago
- A repository of my own Sigma detection rules.☆158Updated 7 months ago
- Open Threat Hunting Framework☆114Updated last year
- Resources To Learn And Understand SIGMA Rules☆174Updated 2 years ago
- Conference presentations☆47Updated last year