Neo23x0 / BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
☆22Updated 2 years ago
Alternatives and similar repositories for BlueTeam-Tools:
Users that are interested in BlueTeam-Tools are comparing it to the libraries listed below
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆123Updated last week
- Windows Malware Investigation Scripts & Docs☆82Updated 6 months ago
- A repository to share publicly available Velociraptor detection content☆163Updated this week
- Tools for simulating threats☆183Updated last year
- Harness the power of Splunk for your investigations☆105Updated last month
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated 3 months ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment.☆97Updated 2 weeks ago
- This repository contains various threat hunting tools written in Python and is documented in the series Python Threat Hunting Tools which…☆13Updated last year
- SentinelOne STAR Rules☆60Updated 2 months ago
- A repository of my own Sigma detection rules.☆158Updated 8 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆196Updated 10 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆155Updated last month
- Finding ClickFix and FakeCAPTCHA like it's 1999☆35Updated this week
- ☆52Updated 11 months ago
- MISP to Sentinel integration☆67Updated last month
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆248Updated this week
- Config files for my GitHub profile.☆14Updated 2 years ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆185Updated 4 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 11 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆245Updated last month
- Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, po…☆11Updated last month
- Open Source Security Operations Center Documentation☆179Updated this week
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆88Updated 6 months ago
- Repository of attack and defensive information for Business Email Compromise investigations☆251Updated 3 months ago
- A collection of various SIEM rules relating to malware family groups.☆66Updated 10 months ago
- A preconfigured Velociraptor triage collector☆51Updated this week
- Some important DFIR Resources☆83Updated 2 years ago
- An opensource sigma conversion tool built using pysigma☆125Updated 4 months ago
- Incident Response documents and tooling☆72Updated last year
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆78Updated 3 years ago