PacktPublishing / Threat-Hunting-with-Elastic-Stack

Related projects ⓘ

Alternatives and complementary repositories for Threat-Hunting-with-Elastic-Stack

• PacktPublishing / Incident-Response-with-Threat-Intelligence
  Incident Response with Threat Intelligence, published by Packt
  ☆49Updated 7 months ago
• abdulshareef / DFIR-Resources
  Some important DFIR Resources
  ☆82Updated last year
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆87Updated 4 years ago
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆75Updated 11 months ago
• strandjs / ClassLabs
  ☆54Updated 3 years ago
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆116Updated 11 months ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆62Updated 5 months ago
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆97Updated last year
• signorrayan / SplunkThreatHunting
  This repository contains Splunk queries to hunt some anomalies
  ☆38Updated 2 years ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆148Updated 6 months ago
• Errum / IntelArchitectureMap
  Intelligence Architecture Mind Map
  ☆117Updated 8 months ago
• archanchoudhury / DFIR-Tools
  This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR
  ☆71Updated 2 years ago
• dfircheatsheet / dfircheatsheet.github.io
  ☆63Updated last year
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• PacktPublishing / Practical-Threat-Detection-Engineering
  Practical Threat Detection Engineering, Published by Packt
  ☆59Updated last year
• AndrewRathbun / DFIRRegex
  A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
  ☆84Updated last year
• utilsec / QuickStart-Guides
  ☆42Updated last year
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆63Updated last year
• BankSecurity / Threat_Hunting
  Some Threat Hunting queries useful for blue teamers
  ☆123Updated 2 years ago
• pr0xylife / pr0xylife
  Config files for my GitHub profile.
  ☆14Updated last year
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆51Updated last year
• ThreatMon / ThreatMon-Daily-C2-Feeds
  IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.
  ☆59Updated 10 months ago
• intel471 / CU-GIR
  Cyber Underground General Intelligence Requirements
  ☆89Updated 9 months ago
• archanchoudhury / Detection-Rule-Dump
  This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.
  ☆36Updated 3 years ago
• activecm / threat-tools
  Tools for simulating threats
  ☆177Updated last year
• secure-cake / win-mal-investigations
  Windows Malware Investigation Scripts & Docs
  ☆75Updated last week
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆100Updated this week
• TheHive-Project / DigitalShadows2TH
  DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆35Updated 5 years ago
• mthcht / Purpleteam
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆158Updated last week
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆77Updated this week