Neo23x0 / atomic-threat-coverage
Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.
☆22Updated 6 years ago
Alternatives and similar repositories for atomic-threat-coverage:
Users that are interested in atomic-threat-coverage are comparing it to the libraries listed below
- Recipes for GCHQ's CyberChef Web App☆35Updated 6 years ago
- Some YARA rules i will add from time to time☆12Updated 5 years ago
- Site for IWS book content☆18Updated 6 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- A collection of typical false positive indicators☆55Updated 4 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆26Updated 6 years ago
- Use DNS to hunt for threats including DGAs☆14Updated 9 years ago
- ☆12Updated 5 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Best practices in threat intelligence☆46Updated 2 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15Updated 5 years ago
- Expert Investigation Guides☆51Updated 3 years ago
- ☆29Updated 6 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- pocket guide for core threat hunting concepts☆23Updated 4 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆25Updated 2 months ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆17Updated 6 years ago
- A curated list of awesome YARA rules, tools, and people.☆33Updated last year
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- Git for me to put all my forensics stuff☆21Updated last month
- incident response scripts☆19Updated 5 years ago
- References for FIRST CTI 2019 Symposium presentation☆23Updated 5 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago
- pollen - A command-line tool for interacting with TheHive☆35Updated 5 years ago
- Python script to automatically create sigma rules from The hive observables☆23Updated 5 years ago
- ☆14Updated 6 years ago
- repo for sharing stuff☆16Updated last year
- Easy way to create a MISP event related to a Phishing page☆17Updated last year