MalwareArchaeology / ATTACKLinks
MITRE ATT&CK Windows Logging Cheat Sheets
☆340Updated 6 years ago
Alternatives and similar repositories for ATTACK
Users that are interested in ATTACK are comparing it to the libraries listed below
Sorting:
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆352Updated 4 years ago
- ATT&CK Remote Threat Hunting Incident Response☆200Updated 5 months ago
- Powershell Threat Hunting Module☆283Updated 8 years ago
- DFIRTrack - The Incident Response Tracking Application☆498Updated 8 months ago
- Collecting & Hunting for IOCs with gusto and style☆238Updated 3 years ago
- Misc Threat Hunting Resources☆373Updated 2 years ago
- CASCADE Server☆270Updated 2 years ago
- Tool Analysis Result Sheet☆353Updated 7 years ago
- ☆116Updated last year
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API☆369Updated 6 years ago
- Sigma rules from Joe Security☆214Updated 6 months ago
- ☆173Updated 11 months ago
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries☆449Updated 3 years ago
- Digital forensic acquisition tool for Windows based incident response.☆341Updated last year
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆501Updated 2 years ago
- A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit☆234Updated 3 years ago
- Searches For Threat Hunting and Security Analytics☆241Updated 2 months ago
- ☆350Updated 4 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆206Updated 4 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆246Updated 3 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆276Updated last year
- EventList☆376Updated 4 years ago
- Dump of organized knowledge on DFIR☆134Updated 3 years ago
- Detecting ATT&CK techniques & tactics for Linux☆258Updated 4 years ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆352Updated 3 years ago
- Test Blue Team detections without running any attack.☆272Updated last year
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆296Updated 8 months ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆165Updated 6 years ago
- A Python package to interact with the Mitre ATT&CK Framework☆476Updated last year
- Atomic Purple Team Framework and Lifecycle☆294Updated 4 years ago