Neo23x0 / ThreatResearch-Reporting-Guide
Offensive Research Guide to Help Defense Improve Detection
☆29Updated last year
Related projects ⓘ
Alternatives and complementary repositories for ThreatResearch-Reporting-Guide
- ☆41Updated 7 months ago
- ☆14Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 6 months ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆28Updated 2 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆50Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 3 weeks ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- General Content☆20Updated 4 months ago
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations☆43Updated 3 years ago
- Scripts and lists to help generate YARA friendly string mutations☆19Updated last year
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- ShellSweeping the evil.☆52Updated 5 months ago
- The core backend server handling API requests and task management☆31Updated 2 weeks ago
- A home for detection content developed by the delivr.to team☆59Updated last week
- A MITRE ATT&CK Lookup Tool☆44Updated 6 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆56Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆29Updated last week
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆24Updated 4 months ago
- ☆15Updated 3 years ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- Random tips and tricks RE: ransomware☆14Updated 3 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- ☆19Updated last year
- C2 Active Scanner☆49Updated 5 months ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated last month
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated last month
- Baseline a Windows System against LOLBAS☆25Updated 6 months ago