RESOLVN / RTHVM
Resolvn Threat Hunting Virtual Machine
☆139Updated 5 years ago
Alternatives and similar repositories for RTHVM:
Users that are interested in RTHVM are comparing it to the libraries listed below
- This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise…☆95Updated 5 years ago
- An ELK environment containing interesting security datasets.☆136Updated 4 years ago
- Searches For Threat Hunting and Security Analytics☆241Updated 3 weeks ago
- Security Monitoring Resolution Categories☆138Updated 3 years ago
- All-in-one bundle of MISP, TheHive and Cortex☆169Updated 2 years ago
- Main Build directory☆179Updated 5 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆125Updated 2 years ago
- Collecting & Hunting for IOCs with gusto and style☆238Updated 3 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- All the IOC's I have gathered which are used directly involved coronavirus / covid-19 / SARS-CoV-2 cyber attack campaigns☆65Updated 4 years ago
- Threat Alert Logic Repository☆92Updated 6 years ago
- Web application to create indexes for GIAC certification examinations.☆138Updated 2 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆179Updated 3 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- Tools to automate and/or expedite response.☆113Updated 9 months ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- Powershell - web traffic whitenoise generator☆47Updated 4 years ago
- Dump of organized knowledge on DFIR☆134Updated 3 years ago
- ☆172Updated 9 months ago
- Splunk Boss of the SOC v1 data set.☆111Updated 6 years ago
- Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments☆396Updated last year
- SEC599 supporting GitHub repository☆16Updated 5 years ago
- Log Entry to Sigma Rule Converter☆107Updated 3 years ago
- Powershell Threat Hunting Module☆283Updated 8 years ago
- Test Blue Team detections without running any attack.☆272Updated 11 months ago
- Automated Use Case Testing☆167Updated 6 years ago
- Detecting ATT&CK techniques & tactics for Linux☆258Updated 4 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆107Updated 4 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆352Updated 4 years ago