Neo23x0 / ThreatResearch-Reporting-Guide
Offensive Research Guide to Help Defense Improve Detection
☆31, updated 2 years ago
Alternatives and similar repositories for ThreatResearch-Reporting-Guide
Users that are interested in ThreatResearch-Reporting-Guide are comparing it to the libraries listed below
- A MITRE ATT&CK Lookup Tool (☆45, updated last year)
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan (☆28, updated 2 years ago)
- Scripts and lists to help generate YARA-friendly string mutations (☆21, updated 2 years ago)
- Simple web app for converting Sigma rules into SIEM queries using the pySigma library (☆49, updated last year)
- This repository aims to collect and document indicators from the different C2s listed in the C2-Matrix (☆72, updated 3 years ago)
- Slides and materials from conference presentations (☆9, updated last year)
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging (☆21, updated 2 years ago)
- Jupyter Notebooks for Cyber Threat Intelligence (☆35, updated last year)
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients (☆28, updated last week)
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 (☆20, updated 7 months ago)
- Library of threat hunts to get any user started! (☆44, updated 4 years ago)
- Automatic detection engineering technical state compliance (☆55, updated 10 months ago)
- Baseline a Windows System against LOLBAS (☆27, updated last year)
- Scripts and tools accompanying HP Threat Research blog posts and reports (☆50, updated last year)
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations (☆43, updated 3 years ago)
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups (☆60, updated 2 years ago)
- Can you pay the ransom in your country? (☆14, updated last year)
- A home for detection content developed by the delivr.to team (☆69, updated this week)
- User Feedback Space of #MitreAssistant (☆37, updated 2 years ago)
- Rules Shared by the Community from 100 Days of YARA 2023 (☆76, updated 2 years ago)
- ShellSweeping the evil (☆52, updated 11 months ago)
- Threat Box Assessment Tool (☆19, updated 3 years ago)
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆67, updated last year)
- Cumulonimbus-UAL_Extractor is a PowerShell-based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a… (☆20, updated last year)
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis (☆27, updated last week)