cybersheepdog / Threat-Hunting-Metrics
Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes time away from your Threat Hunting. I have created this Excel document to help automate as much of that as possible. The Strategic Overview tab is auto-updated based upon what you enter in the Threat Hunts Ta…
☆12 · Updated 2 years ago
Alternatives and similar repositories for Threat-Hunting-Metrics
Users that are interested in Threat-Hunting-Metrics are comparing it to the libraries listed below
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients. (☆28 · Updated last week)
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems. (☆15 · Updated last year)
- Sigma detection rules for hunting with the threathunting-keywords project (☆55 · Updated 3 months ago)
- Baseline a Windows System against LOLBAS (☆27 · Updated last year)
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction (☆78 · Updated 3 weeks ago)
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on (☆82 · Updated last year)
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (☆95 · Updated 2 years ago)
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 (☆20 · Updated 7 months ago)
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation (☆77 · Updated last year)
- An exercise to practice deobfuscating PowerShell scripts. (☆28 · Updated 2 years ago)
- Yara Rules for Modern Malware (☆77 · Updated last year)
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos… (☆31 · Updated 3 years ago)
- Quick ESXi Log Parser (☆21 · Updated 5 months ago)
- ShellSweeping the evil. (☆52 · Updated 11 months ago)
- Tools and scripts to deploy and manage OpenRelik instances (☆13 · Updated this week)
- CarbonBlack EDR detection rules and response actions (☆71 · Updated 8 months ago)
- VTC - Velociraptor Timeline Creator (☆18 · Updated last year)
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. (☆51 · Updated 7 months ago)
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop (☆68 · Updated 3 weeks ago)
- pySigma Splunk backend (☆38 · Updated 3 weeks ago)
- Library of threat hunts to get any user started! (☆44 · Updated 4 years ago)
- Jupyter Notebooks for Cyber Threat Intelligence (☆35 · Updated last year)
- Collection of scripts provided for public use (☆34 · Updated last month)
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE (☆31 · Updated last year)
- The core backend server handling API requests and task management (☆39 · Updated last week)
- This repo is where I store my Threat Hunting ideas/content (☆87 · Updated 2 years ago)
- Placeholder for my detection repo and misc detection engineering content (☆43 · Updated last year)
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging. (☆21 · Updated 2 years ago)