Neo23x0 / ThreatResearch-Reporting-GuideLinks
Offensive Research Guide to Help Defense Improve Detection
☆31Updated 2 years ago
Alternatives and similar repositories for ThreatResearch-Reporting-Guide
Users that are interested in ThreatResearch-Reporting-Guide are comparing it to the libraries listed below
Sorting:
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- ☆11Updated 2 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆28Updated 2 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- ☆42Updated last year
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆21Updated 8 months ago
- ☆21Updated 3 years ago
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations☆43Updated 3 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆73Updated 3 years ago
- ☆29Updated 4 years ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Updated 11 months ago
- A home for detection content developed by the delivr.to team☆69Updated 3 weeks ago
- Automatic detection engineering technical state compliance☆55Updated 11 months ago
- Slides and materials from conference presentations☆9Updated last year
- ☆16Updated 3 months ago
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated 2 weeks ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆68Updated last month
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆27Updated 2 weeks ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆25Updated 3 months ago
- CSIRT Jump Bag☆26Updated last year
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆29Updated 4 years ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆49Updated last year
- Quick ESXi Log Parser☆21Updated 5 months ago
- ☆14Updated 2 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year