bluemountaincyber / evidence-appLinks
Serverless AWS application to upload and hash evidence files.
☆22Updated 2 years ago
Alternatives and similar repositories for evidence-app
Users that are interested in evidence-app are comparing it to the libraries listed below
Sorting:
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆133Updated 2 years ago
- ☆47Updated last month
- ☆29Updated 4 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆68Updated 3 weeks ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- A preconfigured Velociraptor triage collector☆52Updated this week
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆57Updated 3 years ago
- This repo is where I store my Threat Hunting ideas/content☆87Updated 2 years ago
- My Jupyter Notebooks☆36Updated 2 months ago
- User Feedback Space of #MitreAssistant☆37Updated 2 years ago
- SigmaHQ pySigma CrowdStrike processing pipeline☆26Updated 7 months ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 3 years ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆88Updated last year
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆70Updated 5 years ago
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation☆26Updated last year
- Defensive Origins Training Schedule☆38Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆24Updated last week
- Repository for SPEED SIEM Use Case Framework☆55Updated 5 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆29Updated last year
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆27Updated last week
- Random notes collected on the intertubes relating to DFIR☆34Updated last year
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated 2 years ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated last year
- Identify Azure blobs using a wordlist of account name and container name strings☆43Updated 2 months ago
- Hunting Malicious Macros SANS Threathunting Summit 2021 Materials☆39Updated 3 years ago
- ☆58Updated 3 years ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆74Updated last year
- ☆41Updated 2 years ago