cybersheepdog / Threat-Hunting-Metrics
Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes time away from your Threat Hunting. I have created this Excel document to help automate as much of that as possible. The Strategic Overview tab is auto-updated based upon what you enter in the Threat Hunts Ta…
☆12 · Updated 2 years ago
Alternatives and similar repositories for Threat-Hunting-Metrics
Users that are interested in Threat-Hunting-Metrics are comparing it to the libraries listed below
- Sigma detection rules for hunting with the threathunting-keywords project ☆55 · Updated 3 months ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop ☆68 · Updated last month
- Simple webapp for converting Sigma rules into SIEM queries using the pySigma library ☆49 · Updated last year
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch ☆34 · Updated 3 years ago
- A home for detection content developed by the delivr.to team ☆69 · Updated 3 weeks ago
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation ☆51 · Updated 8 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆42 · Updated last month
- User Feedback Space of #MitreAssistant ☆37 · Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆77 · Updated last year
- Remote access and Antivirus Logging Database ☆42 · Updated last year
- Security Content for the PEAK Threat Hunting Framework ☆30 · Updated last year
- Azure function to insert MISP data into Azure Sentinel ☆32 · Updated 2 years ago
- Baseline a Windows System against LOLBAS ☆27 · Updated last year
- CarbonBlack EDR detection rules and response actions ☆71 · Updated 9 months ago
- SigmaHQ pySigma CrowdStrike processing pipeline ☆27 · Updated 8 months ago
- A simple tool designed to create Atomic Red Team tests with ease ☆44 · Updated 3 months ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments ☆65 · Updated 3 years ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… ☆88 · Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on ☆82 · Updated last year
- Library of threat hunts to get any user started ☆44 · Updated 4 years ago
- Hunting Malicious Macros: SANS Threat Hunting Summit 2021 Materials ☆39 · Updated 3 years ago
- (no description) ☆88 · Updated last year
- Placeholder for my detection repo and misc detection engineering content ☆42 · Updated last year
- This repo is where I store my Threat Hunting ideas/content ☆88 · Updated 2 years ago
- This repository contains sample log data collected after running adversary simulations in Microsoft 365 ☆21 · Updated 8 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆79 · Updated last month
- Forensics artifacts collection ☆20 · Updated 4 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts ☆31 · Updated 4 months ago
- (no description) ☆47 · Updated 2 months ago
- Jupyter Notebooks for Cyber Threat Intelligence ☆35 · Updated last year