blwhit / Document-SOC-SIEM-Homelab
Cyber attack/defense home lab using Sliver, LimaCharlie (SIEM), and VMs to simulate C&C, threat detection, etc.
☆10 · Updated last year
Alternatives and similar repositories for Document-SOC-SIEM-Homelab
Users that are interested in Document-SOC-SIEM-Homelab are comparing it to the libraries listed below
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆101 · Updated 3 months ago
- ☆53 · Updated 3 weeks ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆268 · Updated this week
- Windows Malware Investigation Scripts & Docs ☆83 · Updated 9 months ago
- This is the one-stop place where you can find almost all of your required tools in DFIR. ☆79 · Updated 3 years ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence. ☆199 · Updated last year
- Some important DFIR resources ☆83 · Updated 2 years ago
- Purple team scripts for simulation and detection: trigger events for SOC detections ☆187 · Updated 7 months ago
- Tools for simulating threats ☆191 · Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆261 · Updated 4 months ago
- A starter pack of resources to help you get started in Detection Engineering. ☆164 · Updated last month
- Open Source Security Operations Center Documentation ☆191 · Updated last month
- A collection of CVEs weaponized by ransomware operators ☆120 · Updated 2 months ago
- A repository of my own Sigma detection rules. ☆160 · Updated 11 months ago
- A Python script for extracting IP addresses, URLs, headers, and attachments from .eml files. Additional functionalities include defanging… ☆28 · Updated 10 months ago
- Some threat hunting queries useful for blue teamers ☆127 · Updated 3 years ago
- Harness the power of Splunk for your investigations ☆121 · Updated last month
- CLI tools for forensic investigation of Windows artifacts ☆344 · Updated 3 weeks ago
- A repository to share publicly available Velociraptor detection content ☆186 · Updated this week
- A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in… ☆356 · Updated last week
- A powerful home lab focused on setting up Splunk SIEM and real-world use cases. If you're interested in becoming a SOC Analyst (Tier 1/2), th… ☆67 · Updated last year
- A really good DFIR automation for collecting and analyzing evidence, designed for cybersecurity professionals. ☆154 · Updated 4 months ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE ☆148 · Updated last week
- Indexes for SANS Courses and GIAC Certifications ☆254 · Updated last year
- ☆183 · Updated last year
- An easy-to-use PowerShell script to collect memory and disk forensics for DFIR investigations. ☆327 · Updated 3 months ago
- ☆66 · Updated 2 years ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility ☆92 · Updated 4 years ago
- SPL cheat sheet for Splunk. ☆24 · Updated 2 years ago
- MISP Playbooks ☆206 · Updated last month