Neo23x0 / ThreatResearch-Reporting-Guide
Offensive Research Guide to Help Defense Improve Detection
☆30Updated 2 years ago
Alternatives and similar repositories for ThreatResearch-Reporting-Guide:
Users that are interested in ThreatResearch-Reporting-Guide are comparing it to the libraries listed below
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆28Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- Scripts and lists to help generate YARA friendly string mutations☆21Updated 2 years ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations☆43Updated 3 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆12Updated 6 years ago
- Random tips and tricks RE: ransomware☆14Updated 3 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- my MSTICpy practice and custom tools repository☆11Updated 5 months ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- Threat Box Assessment Tool☆19Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 2 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- ☆38Updated 3 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Updated 2 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated 6 months ago
- ☆11Updated last year
- ☆41Updated last year
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- ☆14Updated 2 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- Automatic detection engineering technical state compliance☆55Updated 9 months ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆19Updated last year
- Yara rules☆21Updated 2 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- Quick ESXi Log Parser☆19Updated 3 months ago