caliskanfurkan / awesome-security-analytics
A repo for security analytics & threat hunting resources
☆20Updated 5 years ago
Related projects: ⓘ
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆23Updated 5 years ago
- Reference sheet for Threat Hunting Professional Course☆24Updated 5 years ago
- Hunt malware with Volatility☆46Updated 4 months ago
- Threat Hunter's Knowledge Base☆21Updated 2 years ago
- Carbon Black Response IR tool☆53Updated 3 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆55Updated 2 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆83Updated last year
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- Quick SOC L1 ticket structure☆35Updated 5 years ago
- TA505+ Adversary Simulation☆64Updated 3 years ago
- SEC599 supporting GitHub repository☆14Updated 5 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 4 years ago
- Powershell - web traffic whitenoise generator☆46Updated 4 years ago
- Site for IWS book content☆18Updated 5 years ago
- Use DNS to hunt for threats including DGAs☆14Updated 8 years ago
- Browser Shortcuts for Cyber Security Related Online Services☆78Updated 3 years ago
- Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"☆50Updated 2 years ago
- Powershell Functions to interact with TheHive-Project☆10Updated 5 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Updated 4 years ago
- Three datasets to practice Threat Hunting against.☆36Updated 8 months ago
- Purple Team Security☆74Updated 2 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- Wrap any binary into a cached webserver☆53Updated 2 years ago
- FRAC and RIFT☆17Updated 5 years ago
- ☆19Updated 3 years ago
- Public Landing Page☆16Updated last year
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆22Updated 2 months ago
- Collection of useful, up to date, Carbon Black Response Queries☆82Updated 3 years ago