LetsDefend / incident-response-playbooks
☆171Updated last year
Alternatives and similar repositories for incident-response-playbooks:
Users that are interested in incident-response-playbooks are comparing it to the libraries listed below
- CLI tools for forensic investigation of Windows artifacts☆326Updated 4 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆195Updated 8 months ago
- Some important DFIR Resources☆83Updated 2 years ago
- ☆236Updated 2 months ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆183Updated 8 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆231Updated this week
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆390Updated 2 months ago
- Windows Malware Investigation Scripts & Docs☆75Updated 4 months ago
- A collection of CVEs weaponized by ransomware operators☆111Updated last week
- ☆41Updated 2 years ago
- Unlock the power of Splunk SIEM for comprehensive log analysis. Collaborate and innovate with our Splunk Log Analysis Projects on GitHub☆117Updated 9 months ago
- MISP Playbooks☆188Updated last month
- Playbooks for SOC Analysts☆431Updated 2 years ago
- SIEM Cheat Sheet☆73Updated last year
- ☆101Updated this week
- Hands-on cybersecurity projects to enhance skills in phishing investigation, malware analysis, network intrusion detection, and DDoS atta…☆119Updated 9 months ago
- A collection of companies that disclose adversary TTPs after they have been breached☆244Updated 10 months ago
- practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response☆394Updated last year
- A powerful home-lab focused on setting up Splunk SIEM and real-world use cases. If you’re interested to become SOC Analyst(Tier 1/2) , th…☆50Updated 11 months ago
- Useful resources about phishing email analysis☆81Updated last month
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆215Updated this week
- ☆46Updated 3 weeks ago
- Some Threat Hunting queries useful for blue teamers☆125Updated 2 years ago
- ThreatSeeker: Threat Hunting via Windows Event Logs☆120Updated last year
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆183Updated 3 months ago
- Completely Risky Active-Directory Simulation Hub☆99Updated last year
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆153Updated 10 months ago
- Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, technique…☆100Updated 7 months ago
- ☆43Updated last year
- SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incide…☆87Updated last month