brianreitz / awesome-blueteam
A list of resources to build a information security team.
☆13Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for awesome-blueteam
- ☆43Updated 3 weeks ago
- A collection of various SIEM rules relating to malware family groups.☆61Updated 4 months ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆44Updated 7 months ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated 7 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated last week
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- ☆70Updated 2 weeks ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.☆45Updated 10 months ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆22Updated 2 months ago
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆36Updated this week
- ☆48Updated last year
- Cheat sheets for threat hunting, detection and other stuff.☆32Updated 2 years ago
- ☆40Updated last year
- Slides of my public talks☆46Updated 10 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆78Updated 3 months ago
- Security Scripts and Sources for daily usage.☆47Updated this week
- A curated list of awesome threat detection and hunting resources☆16Updated 6 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆64Updated 2 years ago
- User Feedback Space of #MitreAssistant☆37Updated last year
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆51Updated last year
- Conference presentations☆46Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆75Updated 5 months ago
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆36Updated 3 years ago
- Full of public notes and Utilities☆82Updated 2 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆48Updated 2 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆124Updated 2 years ago
- Hunting Queries for Defender ATP☆72Updated this week
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆17Updated last year
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆57Updated last week
- ☆19Updated last year