PaloAltoNetworks / Unit42-Threat-Intelligence-Article-Information
This is the repository for indicators of compromise (IOCs) and other data for threat intelligence articles posted on the Palo Alto Networks Unit 42 website.
☆21 · Updated this week
Alternatives and similar repositories for Unit42-Threat-Intelligence-Article-Information:
Users interested in Unit42-Threat-Intelligence-Article-Information are comparing it to the repositories listed below.
- Detection rule validation ☆41 · Updated last year
- Contains compiled binaries of Volatility ☆33 · Updated 3 weeks ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆51 · Updated 2 months ago
- USN Journal full path builder ☆54 · Updated 5 months ago
- MS Graph Commands and Tools for Blue Teamers ☆49 · Updated last year
- Python-based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆68 · Updated last year
- A simple tool designed to create Atomic Red Team tests with ease. ☆36 · Updated 2 months ago
- Repo that holds write-ups of various research projects I did and/or overall InfoSec things I investigated/researched. ☆19 · Updated last month
- Tools and scripts to deploy and manage OpenRelik instances ☆12 · Updated 2 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆76 · Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. ☆34 · Updated 6 months ago
- Python script to walk a folder or a zip file for SQLite databases ☆38 · Updated last year
- Open Threat-Informed Detection Engineering ☆37 · Updated last month
- Remote access and Antivirus Logging Database ☆43 · Updated 9 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them ☆32 · Updated 2 months ago
- Jupyter Notebooks for Cyber Threat Intelligence ☆36 · Updated last year
- This repository contains supplemental items, including IOCs and signatures discussed in Huntress blog posts and other media. ☆35 · Updated 2 months ago
- A repository containing the research output from my GCFE Gold Paper, which compared Windows 10 and Windows 11. ☆26 · Updated 2 years ago
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… ☆31 · Updated 6 months ago
- Project based on RegRipper, to extract additional value/pivot points from a TLN events file ☆84 · Updated last week
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam ☆25 · Updated 7 months ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆36 · Updated last year
- A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding … ☆27 · Updated 3 months ago
- Various PowerShell scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey! ☆45 · Updated 4 months ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form ☆103 · Updated 2 months ago