KC7-Foundation / kc7_data
Repo of KC7 challenge scenarios
☆23, updated 2 months ago
Related projects
Alternatives and complementary repositories for kc7_data
- Tools for simulating threats ☆174, updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆116, updated 11 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence. ☆183, updated 4 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆202, updated last year
- Some important DFIR Resources ☆82, updated last year
- The Threat Actor Profile Guide for CTI Analysts ☆96, updated last year
- Cybersecurity Incident Response Plan ☆87, updated 4 years ago
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense ☆74, updated 10 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆97, updated 8 months ago
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR ☆72, updated 2 years ago
- A cybersecurity game in Azure Data Explorer ☆162, updated 3 months ago
- Intelligence Architecture Mind Map ☆117, updated 7 months ago
- Conference presentations ☆47, updated last year
- Repository of public reference frameworks for the DFIR community. ☆108, updated last year
- Practical Threat Detection Engineering, Published by Packt ☆58, updated last year
- Cyber Underground General Intelligence Requirements ☆90, updated 9 months ago
- A collection of various SIEM rules relating to malware family groups. ☆61, updated 4 months ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE ☆104, updated this week
- Cyber Defence related Kusto queries for use in Azure Sentinel and Defender advanced hunting ☆57, updated last week
- A list of Splunk queries that I've collected and used over time. ☆72, updated 4 years ago
- MISP to Sentinel integration ☆58, updated last week
- Some Threat Hunting queries useful for blue teamers ☆123, updated 2 years ago
- Repository of attack and defensive information for Business Email Compromise investigations ☆228, updated 2 months ago
- User Feedback Space of #MitreAssistant ☆37, updated last year
- An open-source Sigma conversion tool built using pySigma ☆95, updated this week
- Resources To Learn And Understand SIGMA Rules ☆167, updated last year
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) Python script to help make the documentation process easier. ☆24, updated last year
- Playbooks for SOC Analysts ☆143, updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆75, updated 5 months ago