austinsonger / Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
☆1,395, updated last month
Related projects:
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… ☆802, updated this week
- Incident Response Methodologies 2022 ☆925, updated 7 months ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int… ☆2,081, updated this week
- Splunk Security Content ☆1,251, updated this week
- Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,... ☆998, updated 2 weeks ago
- You didn't think I'd go and leave the blue team out, right? ☆1,586, updated last year
- An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. ☆1,658, updated 8 months ago
- ☆1,902, updated this week
- A concise, directive, specific, flexible, and free incident response plan template ☆627, updated 4 months ago
- Bloodhound Reporting for Blue and Purple Teams ☆1,105, updated 3 weeks ago
- A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365 ☆769, updated last year
- Scripts and a (future) library to improve users' interactions with the ATT&CK content ☆580, updated 9 months ago
- A repository of curated datasets from various attacks ☆564, updated this week
- A knowledge base of actionable Incident Response techniques ☆601, updated 2 years ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection… ☆830, updated 2 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆758, updated 11 months ago
- Detect Tactics, Techniques & Combat Threats ☆2,040, updated 4 months ago
- Hunting queries and detections ☆710, updated last week
- ☆632, updated this week
- ☆2,156, updated 11 months ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK ☆1,051, updated last year
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆2,715, updated 3 weeks ago
- Windows Events Attack Samples ☆2,198, updated last year
- TrustedSec Sysinternals Sysmon Community Guide ☆1,125, updated 3 months ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a… ☆1,363, updated last week
- Actionable analytics designed to combat threats ☆964, updated 2 years ago
- A collection of sources of documentation, as well as field best practices, to build/run a SOC ☆1,169, updated this week
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts ☆1,126, updated last year
- Defences against Cobalt Strike ☆1,270, updated 2 years ago
- Re-play Security Events ☆1,584, updated 6 months ago