Neo23x0 / BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
☆22Updated last year
Alternatives and similar repositories for BlueTeam-Tools:
Users that are interested in BlueTeam-Tools are comparing it to the libraries listed below
- Windows Malware Investigation Scripts & Docs☆74Updated 3 months ago
- Harness the power of Splunk for your investigations☆88Updated 2 months ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆110Updated last month
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated last week
- A repository to share publicly available Velociraptor detection content☆126Updated this week
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆194Updated 7 months ago
- Some important DFIR Resources☆83Updated last year
- Config files for my GitHub profile.☆14Updated last year
- A repository of my own Sigma detection rules.☆157Updated 5 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆151Updated 9 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆182Updated 2 weeks ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆177Updated 2 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆224Updated last year
- ☆51Updated 9 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆106Updated last year
- A collection of various SIEM rules relating to malware family groups.☆65Updated 8 months ago
- Parses USB connection artifacts from offline Registry hives☆94Updated 2 weeks ago
- An opensource sigma conversion tool built using pysigma☆115Updated 2 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆51Updated 3 months ago
- CarbonBlack EDR detection rules and response actions☆71Updated 5 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆76Updated 9 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆116Updated last year
- The Threat Actor Profile Guide for CTI Analysts☆104Updated last year
- Tools for simulating threats☆181Updated last year
- MISP to Sentinel integration☆62Updated 2 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆75Updated 3 months ago
- A collection of CVEs weaponized by ransomware operators☆104Updated last month
- Incident Response documents and tooling☆68Updated last year
- Cyber Underground General Intelligence Requirements☆90Updated last year
- Full of public notes and Utilities☆97Updated last week