blackberry / threat-research-and-intelligence

Related projects: ⓘ

• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆113Updated 9 months ago
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆89Updated last year
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆69Updated this week
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆94Updated last year
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆65Updated last month
• Errum / IntelArchitectureMap
  Intelligence Architecture Mind Map
  ☆110Updated 6 months ago
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆74Updated 3 weeks ago
• mandiant / thiri-notebook
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Updated 2 years ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆105Updated last year
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆84Updated last year
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• intel471 / CU-GIR
  Cyber Underground General Intelligence Requirements
  ☆85Updated 7 months ago
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆66Updated last month
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆68Updated 9 months ago
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆75Updated 3 months ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆70Updated last week
• MHaggis / notes
  Full of public notes and Utilities
  ☆81Updated 3 weeks ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆108Updated 5 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆84Updated 3 months ago
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆86Updated 7 months ago
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆115Updated this week
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆148Updated 11 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆45Updated 3 months ago
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆62Updated last year
• korniko98 / pivot-atlas
  ☆79Updated 3 weeks ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆85Updated last year
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆192Updated 2 years ago
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆155Updated last week