M00NLIG7 / ChopChopGo

Related projects: ⓘ

• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆186Updated last month
• MISP / misp-playbooks
  MISP Playbooks
  ☆167Updated last month
• randomaccess3 / Awesome-BEC
  Repository of attack and defensive information for Business Email Compromise investigations
  ☆216Updated 3 weeks ago
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆115Updated this week
• UncoderIO / Uncoder_IO
  An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
  ☆124Updated this week
• ControlCompass / ControlCompass.github.io
  Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
  ☆120Updated 6 months ago
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆192Updated 2 years ago
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆259Updated 9 months ago
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆154Updated this week
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆159Updated 5 months ago
• center-for-threat-informed-defense / cti-blueprints
  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…
  ☆189Updated 10 months ago
• dwmetz / CyberPipe
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆266Updated 3 weeks ago
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆90Updated 2 weeks ago
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆152Updated 2 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆147Updated 3 months ago
• secure-cake / win-mal-investigations
  Windows Malware Investigation Scripts & Docs
  ☆74Updated 6 months ago
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆155Updated last week
• BushidoUK / Breach-Report-Collection
  A collection of companies that disclose adversary TTPs after they have been breached
  ☆236Updated 4 months ago
• dfir-dd / dfir-toolkit
  CLI tools for forensic investigation of Windows artifacts
  ☆296Updated last month
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆66Updated last month
• mthcht / Purpleteam
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆149Updated 3 weeks ago
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆113Updated last month
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆130Updated last month
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆138Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆148Updated 11 months ago
• joeavanzato / Trawler
  PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.
  ☆305Updated last month
• IppSec / PowerSiem
  ☆111Updated 5 months ago
• activecm / threat-tools
  Tools for simulating threats
  ☆170Updated 10 months ago
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆200Updated 9 months ago
• nasbench / SIGMA-Resources
  Resources To Learn And Understand SIGMA Rules
  ☆163Updated last year