atc-project / atc-dataLinks
Actionable data for Security Operations
☆19Updated 3 years ago
Alternatives and similar repositories for atc-data
Users that are interested in atc-data are comparing it to the libraries listed below
Sorting:
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆39Updated 4 years ago
- gundog - guided hunting in Microsoft Defender☆52Updated 4 years ago
- List of sigma for a variety of threats for multiple log sources.☆12Updated 6 years ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆33Updated last year
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- ☆42Updated last year
- ☆47Updated 2 months ago
- List of PowerShell commands and commandlets that should be in your Powershel watchlist☆37Updated 3 years ago
- Repository for SPEED SIEM Use Case Framework☆55Updated 5 years ago
- Automatic detection engineering technical state compliance☆55Updated 11 months ago
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…☆26Updated 3 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆53Updated 2 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Threat Hunter's Knowledge Base☆22Updated 3 years ago
- OSSEM Data Dictionaries☆61Updated 5 months ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.☆38Updated 3 years ago
- ☆29Updated 4 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆28Updated 2 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆93Updated 3 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- CSIRT Jump Bag☆26Updated last year
- Cheat sheets for threat hunting, detection and other stuff.☆34Updated 2 years ago
- SIEM USE Case Selection Methodology☆16Updated 4 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆64Updated 2 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆31Updated last year