OTRF / SANS-BlueTeamSummit-2022
Repo to track SANS BlueTeam Summit Presentation
☆23Updated last year
Related projects: ⓘ
- ☆28Updated 3 years ago
- ☆42Updated 3 months ago
- Cheat sheets for threat hunting, detection and other stuff.☆31Updated last year
- ☆21Updated 3 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆34Updated 9 months ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆64Updated 6 months ago
- Slides of my public talks☆46Updated 9 months ago
- User Feedback Space of #MitreAssistant☆37Updated last year
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- ☆15Updated 2 years ago
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- My Jupyter Notebooks☆36Updated 5 months ago
- Test case indexes☆35Updated 2 months ago
- Full of public notes and Utilities☆81Updated 3 weeks ago
- ☆25Updated 3 years ago
- ☆58Updated 2 years ago
- A collection of Sigma rules organized by MITRE ATT&CK technique☆15Updated 3 years ago
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆37Updated 4 months ago
- ☆29Updated 2 years ago
- ☆27Updated this week
- Jupyter notebooks☆22Updated 4 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆25Updated 8 months ago
- Sharing Threat Hunting runbooks☆24Updated 5 years ago
- Tool used to perform threat intelligence against packet data☆34Updated 5 months ago
- ☆13Updated last year
- Azure function to insert MISP data in to Azure Sentinel☆30Updated last year
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆49Updated 2 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆69Updated last week
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆55Updated 4 months ago