Sam0x90 / CB-Threat-HuntingView external linksLinks
CarbonBlack EDR detection rules and response actions
☆73Sep 10, 2024Updated last year
Alternatives and similar repositories for CB-Threat-Hunting
Users that are interested in CB-Threat-Hunting are comparing it to the libraries listed below
Sorting:
- Advanced Threat Hunting: Ransomware Group☆29Jul 9, 2025Updated 7 months ago
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- A repository of my own Sigma detection rules.☆163Nov 25, 2025Updated 2 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆58Mar 2, 2025Updated 11 months ago
- ☆20Apr 10, 2025Updated 10 months ago
- ThreatSeeker: Threat Hunting via Windows Event Logs☆124May 16, 2023Updated 2 years ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆633Aug 4, 2025Updated 6 months ago
- Hunting Queries for Defender ATP☆83Dec 14, 2025Updated 2 months ago
- ☆54Feb 2, 2026Updated last week
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆801Jan 14, 2026Updated last month
- Awesome Security lists for SOC/CERT/CTI☆1,239Feb 9, 2026Updated last week
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆83Apr 27, 2024Updated last year
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆17Jan 28, 2026Updated 2 weeks ago
- Smarter Asset Search, Faster Information Extraction ZoomEye GPT is a browser extension designed specifically for cybersecurity profession…☆24Apr 30, 2025Updated 9 months ago
- Basic guide for performing a Physical PenTest - Nist 800-12, 800-53, 800-115, 800-152☆22Jan 1, 2023Updated 3 years ago
- yara detection rules for hunting with the threathunting-keywords project☆157May 11, 2025Updated 9 months ago
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.☆70Jan 6, 2026Updated last month
- ☆22Jan 31, 2023Updated 3 years ago
- A repository to share publicly available Velociraptor detection content☆196Feb 8, 2026Updated last week
- Contains compiled binaries of Volatility☆36May 18, 2025Updated 8 months ago
- This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team☆20Oct 9, 2024Updated last year
- Some important DFIR Resources☆84Mar 16, 2023Updated 2 years ago
- A collection of tools, scripts and personal research☆155Feb 2, 2026Updated last week
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Jul 7, 2022Updated 3 years ago
- ☆115Jan 31, 2024Updated 2 years ago
- User Feedback Space of #MitreAssistant☆38May 19, 2023Updated 2 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆252Oct 29, 2025Updated 3 months ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆68Dec 7, 2025Updated 2 months ago
- Active C&C Detector☆155Oct 5, 2023Updated 2 years ago
- New Framework Red Team Operations☆20Jun 7, 2021Updated 4 years ago
- multi-threaded script uses VirusTotal and AbuseIPDB APIs and generate an excel with all needed data☆10Mar 14, 2023Updated 2 years ago
- This is a collection of stealers for educational purposes☆21Aug 13, 2025Updated 6 months ago
- Rules generated from our investigations.☆204Jun 17, 2025Updated 7 months ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,634Updated this week
- MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs☆754Feb 1, 2026Updated 2 weeks ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆613Dec 8, 2025Updated 2 months ago
- This home-lab provides individuals with hands-on experience in setting up, configuring, and utilizing Suricata to enhance network securit…☆30Apr 10, 2024Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆754Aug 28, 2025Updated 5 months ago