center-for-threat-informed-defense / defending-iaas-with-attackLinks
Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a methodology for creating technique collections.
☆14Updated 4 months ago
Alternatives and similar repositories for defending-iaas-with-attack
Users that are interested in defending-iaas-with-attack are comparing it to the libraries listed below
Sorting:
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆30Updated 2 years ago
- ☆18Updated 3 years ago
- ☆14Updated 4 months ago
- Workflows for Shuffle☆23Updated 2 years ago
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l…☆28Updated 4 months ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆16Updated last year
- ☆31Updated 4 months ago
- Short deep dive into Threat Hunting on AWS☆14Updated 2 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Updated 4 years ago
- Automatic detection engineering technical state compliance☆55Updated last year
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment☆32Updated last year
- ☆41Updated this week
- This repository contains generated contextual data utilized by pyattck.☆19Updated 7 months ago
- An experimental Velociraptor implementation using cloud infrastructure☆26Updated last week
- Fun tools around the EBS Direct API☆19Updated 4 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆29Updated 3 years ago
- Generic Signature Format for SIEM Systems☆14Updated 3 years ago
- Virtual Security Operations Center☆51Updated 2 years ago
- Attack Tool Timing and Reporting - Structured Attack Logging Format☆22Updated 2 years ago
- GCP Audit checks projects in Google Cloud for compliance with CIS Benchmarks☆27Updated 5 months ago
- Open-source Fabric templates for cybersecurity and compliance☆22Updated 9 months ago
- Simulates a compromise in a cloud and container environment☆32Updated 10 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆65Updated 3 years ago
- AWS EKS Cluster Forensics☆23Updated 4 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Updated 2 months ago
- An open source Wireshark extcap to make ad hoc mirroring of AWS EC2 traffic easier☆19Updated 10 months ago
- ☆18Updated last year
- Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)☆44Updated 3 years ago