cisagov / crossfeed
External monitoring for organization assets
☆372Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for crossfeed
- Sublime rules for email attack detection, prevention, and threat hunting.☆256Updated this week
- Zeek-Formatted Threat Intelligence Feeds☆343Updated this week
- Cyber Incident Response Team Playbook Battle Cards☆360Updated 6 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆255Updated 9 months ago
- A collection of intelligence about Log4Shell and its exploitation activity.☆181Updated 2 years ago
- Dorothy is a tool to test security monitoring and detection for Okta environments☆175Updated 3 months ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆485Updated 2 months ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆251Updated last month
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆137Updated 2 months ago
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…☆210Updated 2 years ago
- An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced sec…☆200Updated 3 weeks ago
- A knowledge base of actionable Incident Response techniques☆612Updated 2 years ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆244Updated this week
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…☆133Updated this week
- Pwnspoof repository☆257Updated last year
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…☆483Updated 7 months ago
- A Command-line tool which leverages the Tenable.io API to reduce the time it takes to get information that is common during remediation o…☆72Updated last month
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆319Updated 10 months ago
- Built-in Panther detection rules and policies☆338Updated this week
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆380Updated 7 months ago
- Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …☆161Updated 4 months ago
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆395Updated this week
- HASH (HTTP Agnostic Software Honeypot)☆128Updated 6 months ago
- Atomic Purple Team Framework and Lifecycle☆282Updated 3 years ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆405Updated last year
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…☆166Updated last week
- Russia / Ukraine 2022 conflict related IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake☆174Updated last year
- A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.☆341Updated 6 months ago
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆244Updated this week
- A checklist of practices for organizations dealing with account takeover (ATO)��☆263Updated last month