Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
☆142Oct 12, 2020Updated 5 years ago
Alternatives and similar repositories for detection-hackathon-apt29
Users that are interested in detection-hackathon-apt29 are comparing it to the libraries listed below
Sorting:
- Cloud Templates and scripts to deploy mordor environments☆129Mar 3, 2021Updated 5 years ago
- A community event for security researchers to share their favorite notebooks☆108Feb 15, 2024Updated 2 years ago
- Re-play Security Events☆1,723Mar 20, 2024Updated last year
- Open Source Security Events Metadata (OSSEM)☆1,288Feb 27, 2023Updated 3 years ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆531Apr 20, 2021Updated 4 years ago
- Windows Events Attack Samples☆2,515Jan 24, 2023Updated 3 years ago
- Misc Threat Hunting Resources☆377Jan 26, 2023Updated 3 years ago
- TrustedSec Sysinternals Sysmon Community Guide☆1,372Feb 10, 2026Updated 3 weeks ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,078Nov 28, 2024Updated last year
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Sep 14, 2023Updated 2 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Oct 26, 2019Updated 6 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆85Jan 9, 2022Updated 4 years ago
- An ELK environment containing interesting security datasets.☆136May 11, 2020Updated 5 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆69Dec 2, 2022Updated 3 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,486Jan 12, 2026Updated last month
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,173Jul 26, 2023Updated 2 years ago
- ATT&CK Remote Threat Hunting Incident Response☆206Dec 8, 2024Updated last year
- MAL-CL (Malicious Command-Line)☆322Jan 10, 2023Updated 3 years ago
- Test Blue Team detections without running any attack.☆271May 2, 2024Updated last year
- ☆825Jun 1, 2023Updated 2 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- EventList☆377Mar 21, 2021Updated 4 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆620Jun 26, 2024Updated last year
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆568Dec 19, 2025Updated 2 months ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆937Dec 12, 2023Updated 2 years ago
- Repository containing Jupyter Notebooks for working with OSQuery tables and data☆17May 8, 2020Updated 5 years ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆414Sep 13, 2023Updated 2 years ago
- Petaq - Purple Team Command & Control Server☆105Dec 8, 2022Updated 3 years ago
- Detect Tactics, Techniques & Combat Threats☆2,264Jan 21, 2026Updated last month
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details.☆22Jul 11, 2022Updated 3 years ago
- Cyber Analytics Repository☆984May 16, 2025Updated 9 months ago
- Library of threat hunts to get any user started!☆49Sep 4, 2020Updated 5 years ago
- Plugin that serves the ATT&CK website alongside CALDERA.☆12Feb 24, 2020Updated 6 years ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,549Feb 10, 2026Updated 3 weeks ago
- ☆16Jan 31, 2015Updated 11 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Open-source framework to detect outliers in Elasticsearch events☆205May 22, 2023Updated 2 years ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,715Sep 23, 2025Updated 5 months ago