corelight / Dashboards-Splunk-DNS-Hunting-Beaconing

Related projects ⓘ

Alternatives and complementary repositories for Dashboards-Splunk-DNS-Hunting-Beaconing

• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 3 years ago
• yasser-alghamdi / winterfell-hunt
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆14Updated 4 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆17Updated 3 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 3 years ago
• ezaspy / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆31Updated 3 weeks ago
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated last month
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆21Updated 3 weeks ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆19Updated 5 years ago
• QueenSquishy / Zombie
  General Content
  ☆20Updated 4 months ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 2 years ago
• mattreduce / cti-self-study
  Track progress and keep notes while working through likethecoins' CTI Self Study Plan
  ☆28Updated 2 years ago
• bittib010 / AjourVolAutolity
  A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
  ☆15Updated 3 weeks ago
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆31Updated 2 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆37Updated 4 months ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆43Updated 6 months ago
• NVISOsecurity / nviso-cti
  ☆41Updated 7 months ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 2 years ago
• randomaccess3 / 4n6_stuff
  Git for me to put all my forensics stuff
  ☆21Updated 2 months ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆50Updated 4 months ago
• dwmetz / PSHero
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆35Updated last year
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 6 months ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆21Updated last week
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• joeavanzato / velociraptor-timeline-creator
  VTC - Velociraptor Timeline Creator
  ☆15Updated 6 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆35Updated 11 months ago
• iThreatopedia / iThreatopedia.github.io
  A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.
  ☆20Updated 2 years ago
• capesstack / capes-docker
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆14Updated 2 years ago