curated-intel / The-CTI-Research-Guide
A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
☆48Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for The-CTI-Research-Guide
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆50Updated 2 weeks ago
- CarbonBlack EDR detection rules and response actions☆71Updated 2 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated last week
- A collection of CVEs weaponized by ransomware operators☆52Updated this week
- Cyber Underground General Intelligence Requirements☆90Updated 9 months ago
- ☆26Updated last week
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆116Updated 11 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 5 months ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆22Updated 2 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 6 months ago
- Remote access and Antivirus Logging Database☆41Updated 6 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆75Updated 2 weeks ago
- ☆19Updated last year
- User Feedback Space of #MitreAssistant☆37Updated last year
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆18Updated 3 months ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆23Updated 2 months ago
- ☆82Updated 2 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆110Updated 7 months ago
- Repository that contains a set of purposefully erroneous Yara rules.☆48Updated 9 months ago
- Parses USB connection artifacts from offline Registry hives☆66Updated 3 weeks ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆25Updated last month
- The Threat Actor Profile Guide for CTI Analysts☆96Updated last year
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.☆60Updated 3 months ago
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆37Updated last week
- Data breaches, Leaks, Malwares Forums List <Please Use Vpn/TOR don't click on Link directly bad OPSEC>☆42Updated last week
- C2 Active Scanner☆47Updated 4 months ago
- BlackBerry Threat Research & Intelligence☆93Updated last year
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆66Updated this week
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆15Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆26Updated 3 weeks ago