cudeso / misp-tip-of-the-week
A collection of tips for using MISP.
☆74Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for misp-tip-of-the-week
- User Feedback Space of #MitreAssistant☆37Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆115Updated 11 months ago
- ☆1Updated last month
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆50Updated this week
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Remote access and Antivirus Logging Database☆41Updated 6 months ago
- ☆31Updated last month
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 2 years ago
- A community event for security researchers to share their favorite notebooks☆106Updated 9 months ago
- Cleanup of older MISP events can require some work until now☆24Updated last year
- Forensic Artifact Collection Tool Matrix☆75Updated 2 weeks ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆109Updated 11 months ago
- ☆83Updated 3 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆104Updated this week
- Full of public notes and Utilities☆87Updated last week
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆36Updated 2 years ago
- Convert Sigma rules to LogRhythm searches☆19Updated 2 years ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆97Updated this week
- Collection of scripts provided for public use☆31Updated last week
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆31Updated 2 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆76Updated last week
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆65Updated 8 months ago
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆65Updated this week
- Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General☆23Updated 2 years ago
- CSIRT Jump Bag☆27Updated 6 months ago
- BlackBerry Threat Research & Intelligence☆93Updated last year
- Repository of public reference frameworks for the DFIR community.☆109Updated last year
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆84Updated this week
- ☆46Updated 2 years ago